16 matches found
CVE-2024-27348
RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0 in Java8 & Java11 Users are recommended to upgrade to version 1.3.0 with Java11 & enable the Auth system, which fixes the issue...
Apache HugeGraph Server 1.0.x < 1.3.0 (CVE-2024-27348)
The version of Apache HugeGraph Server installed on the remote host is prior to 1.3.0. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27348 advisory. - RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server. This issue affects Apache HugeGraph-Server:...
Apache HugeGraph Gremlin command injection
Added: 08/20/2024 Background Apache HugeGraph is a graph database. HugeGraph supports Gremlin, a graph traversal language. Problem A vulnerability in Apache HugeGraph allows remote attackers to bypass sandbox restrictions and execute arbitrary commands through Gremlin. Resolution Upgrade to...
Apache HugeGraph Gremlin command injection
Added: 08/20/2024 Background Apache HugeGraph is a graph database. HugeGraph supports Gremlin, a graph traversal language. Problem A vulnerability in Apache HugeGraph allows remote attackers to bypass sandbox restrictions and execute arbitrary commands through Gremlin. Resolution Upgrade to...
Critical Apache HugeGraph Vulnerability Under Attack - Patch ASAP
Threat actors are actively exploiting a recently disclosed critical security flaw impacting Apache HugeGraph-Server that could lead to remote code execution attacks. Tracked as CVE-2024-27348 CVSS score: 9.8, the vulnerability impacts all versions of the software before 1.3.0. It has been describ...
Apache HugeGraph-Server: Command execution in gremlin
RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0 in Java8 & Java11 Users are recommended to upgrade to version 1.3.0 with Java11 & enable the Auth system, which fixes the issue...
GHSA-29RC-VQ7F-X335 Apache HugeGraph-Server: Command execution in gremlin
RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0 in Java8 & Java11 Users are recommended to upgrade to version 1.3.0 with Java11 & enable the Auth system, which fixes the issue...
CVE-2024-27348
RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0 in Java8 & Java11 Users are recommended to upgrade to version 1.3.0 with Java11 & enable the Auth system, which fixes the issue...
CVE-2024-27348
RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0 in Java8 & Java11 Users are recommended to upgrade to version 1.3.0 with Java11 & enable the Auth system, which fixes the issue...
CVE-2024-27348
CVE-2024-27348 (Apache HugeGraph-Server) is an improper access control vulnerability in the Gremlin interface that enables remote code execution. Affected: HugeGraph-Server versions from 1.0.0 up to (but not including) 1.3.0, running on Java 8 or Java 11. Root cause: insufficient access controls ...
CVE-2024-27348 Apache HugeGraph-Server: Command execution in gremlin
RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0 in Java8 & Java11 Users are recommended to upgrade to version 1.3.0 with Java11 & enable the Auth system, which fixes the issue...
CVE-2024-27348
RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0 in Java8 & Java11 Users are recommended to upgrade to version 1.3.0 with Java11 & enable the Auth system, which fixes the issue. Recent assessments: jheysel-r7...
MK-Auth 代ç éźéąæŒæŽ
Mk-Auth is a Brazilian ISP management system from Mk-Auth Inc. It is used to control client access and permissions through a web interface panel. A security vulnerability exists in MK-Auth version 23.01K4.9. An attacker can exploit the vulnerability to execute arbitrary code by uploading an...
MK-AUTH Cross-Site Scripting Vulnerability
MK-AUTH is an access control system by the individual developer Pedro Filho in Brazil. A cross-site scripting vulnerability exists in MK-AUTH through version 19.01 K4.9, which originates in the tipo parameter of the admin log ajax.php. An attacker can exploit the vulnerability to read the...
PHP Support Tickets 1.3 SQL Injection Vulnerability
Exploit for php platform in category web applications PHPSTicketsv1.3 SQL Injection Vulnerabilty Description ============ PHP Support Tickets; will allow a webmaster the ability to offer its user base a means to contact its personnel through request vouchers...
Skype Account Service - Session Token Bypass Vulnerability
Document Title: =============== Skype Account Service - Session Token Bypass Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=762 http://www.vulnerability-lab.com/getcontent.php?id=739 MSRC ID: 13175 Release Date: ============= 2012-11-14...