Command Execution Vulnerability in YonBIP of UFIDA Network Technology Corporation (CNVD-2024-34828)

YonBIP is a converged service group with the basic product form of digital intelligence platform + scene services in ten fields + large-scale ecology. A command execution vulnerability exists in YonBIP of UFIDA Network Technology Corporation, which can be exploited by an attacker to execute...

PT-2024-1939

Name of the Vulnerable Software and Affected Versions ClamAV affected versions not specified Description A vulnerability in the VirusEvent feature of ClamAV could allow a local attacker to inject arbitrary commands with the privileges of the application service account. The vulnerability is due t...

CVE-2023-51984

D-Link DIR-822+ V1.0.2 was found to contain a command injection in SetStaticRouteSettings function. allows remote attackers to execute arbitrary commands via shell...

CVE-2023-30261

Command Injection vulnerability in OpenWB 1.6 and 1.7 allows remote attackers to run arbitrary commands via crafted GET request...

PT-2022-25905 · Totolink · Totolink Nr1800X

Name of the Vulnerable Software and Affected Versions: TOTOLINK NR1800X version 9.1.0u.6279 B20210910 Description: A command injection issue was found via the UploadFirmwareFile function at the "/cgi-bin/cstecgi.cgi" API endpoint. Recommendations: For TOTOLINK NR1800X version 9.1.0u.6279 B2021091...

iSQL 1.0 Shell Command Injection

!/bin/ruby Exploit Title: iSQLRL 1.0 - Shell Command Injection Date: 2016-06-13 Exploit Author: HaHwul Exploit Author Blog: www.hahwul.com Vendor Homepage: https://github.com/roselone/iSQL Software Link: https://github.com/roselone/iSQL/archive/master.zip Version: 1.0 Tested on: Debian wheezy CVE...

Versatile HTTP load testing: vegeta

Vegeta is a versatile HTTP load testing tool built out of a need to drill HTTP services with a constant request rate. Vegeta can be used both as a command line utility and a library. Install Pre-compiled executables Get them here . Homebrew on Mac OS X You can install Vegeta using the Homebrew...

MGASA-2014-0158 Updated python-imaging package fixes insecure use of temporary files

Updated python-imaging packages fix security vulnerabilities: Jakub Wilk discovered that temporary files were insecurely created via mktemp in the IptcImagePlugin.py, Image.py, JpegImagePlugin.py, and EpsImagePlugin.py files of Python Imaging Library. A local attacker could use this flaw to perfo...

IBM DB2 - db2stop Command Line Argument Local Overflow

IBM DB2 - db2stop Command Line Argument Local Overflow source: https://www.securityfocus.com/bid/8990/info IBM DB2 has been reported to be prone to multiple buffer overflow vulnerabilities that present themselves in binaries that are shipped with DB2. The vulnerabilities are likely caused due to ...

CVE-2001-0826

Buffer overflows in CesarFTPD 0.98b allows remote attackers to execute arbitrary commands via long arguments to 1 HELP, 2 USER, 3 PASS, 4 PORT, 5 DELE, 6 REST, 7 RMD, or 8 MKD...

CVE-2001-0717

Format string vulnerability in ToolTalk database server rpc.ttdbserverd allows remote attackers to execute arbitrary commands via format string specifiers that are passed to the syslog function...