CVE-2018-19463

zbsystem/function/lib/upload.php in Z-BlogPHP through 1.5.1 allows remote attackers to execute arbitrary PHP code by using the image/jpeg content type in an upload to the zbsystem/admin/index.php?act=UploadMng URI. NOTE: The vendor's position is "We have no dynamic including. No one can run PHP b...

Authentication flaw

DISPUTED zbsystem/function/lib/upload.php in Z-BlogPHP through 1.5.1 allows remote attackers to execute arbitrary PHP code by using the image/jpeg content type in an upload to the zbsystem/admin/index.php?act=UploadMng URI. NOTE: The vendor's position is "We have no dynamic including. No one can...

CVE-2018-19463

Z-BlogPHP

GHSA-PHG2-9C5G-M4Q7 Remote Code Execution in spark-core

In all versions of Apache Spark, its standalone resource manager accepts code to execute on a 'master' host, that then runs that code on 'worker' hosts. The master itself does not, by design, execute user code. A specially-crafted request to the master can, however, cause the master to execute co...

spice: Missing check in demarshal.py:write_validate_array_item() allows for buffer overflow and denial of service

A vulnerability was discovered in SPICE where the generated code used for demarshalling messages lacked sufficient bounds checks. A malicious client or server, after authentication, could send specially crafted messages to its peer which would result in a crash or, potentially, other impacts...

glusterfs: Repeat use of "GF_META_LOCK_KEY" xattr allows for memory exhaustion

A flaw was found in glusterfs server which allowed repeated usage of GFMETALOCKKEY xattr. A remote, authenticated attacker could use this flaw to create multiple locks for single inode by using setxattr repetitively resulting in memory exhaustion of glusterfs server node...

CVE-2018-16752

LINK-NET LW-N605R devices with firmware 12.20.2.1486 allow Remote Code Execution via shell metacharacters in the HOST field of the ping feature at adm/systools.asp. Authentication is needed but the default password of admin for the admin account may be used in some cases...

CVE-2018-5545

On F5 WebSafe Alert Server 1.0.0-4.2.6, a malicious, authenticated user can execute code on the alert server by using a maliciously crafted payload...

CVE-2018-3884

An exploitable SQL injection vulnerability exists in the authenticated part of ERPNext v10.1.6. Specially crafted web requests can cause SQL injections resulting in data compromise. The sortby and start parameter can be used to perform an SQL injection attack. An attacker can use a browser to...

LW-N605R Remote Code Execution Vulnerability

LW-N605R is a networking product from LINK-NET. The LW-N605R has a remote code execution vulnerability that allows remote code execution via shell metacharacters in the HOST field of the ping function of adm/systools.asp. Authentication is required but the default password admin for the admin...

CVE-2017-11564

The D-Link EyeOn Baby Monitor DCS-825L 1.08.1 has multiple command injection vulnerabilities in the web service framework. An attacker can forge malicious HTTP requests to execute commands; authentication is required before executing the attack...

CVE-2017-12573

An issue was discovered on PLANEX CS-W50HD devices with firmware before 030720. The device has a command-injection vulnerability in the web management UI on NAS settings page "/cgi-bin/nasset.cgi". An attacker can send a crafted HTTP POST request to execute arbitrary code. Authentication is...

ALPINE-CVE-2018-10873

A vulnerability was discovered in SPICE before version 0.14.1 where the generated code used for demarshalling messages lacked sufficient bounds checks. A malicious client or server, after authentication, could send specially crafted messages to its peer which would result in a crash or,...

DEBIAN-CVE-2018-10873

A vulnerability was discovered in SPICE before version 0.14.1 where the generated code used for demarshalling messages lacked sufficient bounds checks. A malicious client or server, after authentication, could send specially crafted messages to its peer which would result in a crash or,...

Sitecore.Net 8.1 - Directory Traversal Vulnerability

Exploit for asp platform in category web applications Exploit Title: Sitecore.Net 8.1 - Directory Traversal CVE: CVE-2018-7669 Researcher: Chris Moberly at The Missing Link Security Vendor: Sitecore Version: CMS - 8.1 and up earlier versions untested Authentication required: Yes An issue was...

Sitecore.Net 8.1 - Directory Traversal

Sitecore.Net 8.1 - Directory Traversal Exploit Title: Sitecore.Net 8.1 - Directory Traversal Date: 2018-04-23 CVE: CVE-2018-7669 Researcher: Chris Moberly at The Missing Link Security Vendor: Sitecore Version: CMS - 8.1 and up earlier versions untested Authentication required: Yes An issue was...

DEBIAN-CVE-2018-12482

OCS Inventory 2.4.1 contains multiple SQL injections in the search engine. Authentication is needed in order to exploit the issues...

DEBIAN-CVE-2018-12483

OCS Inventory 2.4.1 is prone to a remote command-execution vulnerability. Specifically, this issue occurs because the content of the ipdiscoveranalyser rzo GET parameter is concatenated to a string used in an exec call in the PHP code. Authentication is needed in order to exploit this vulnerabili...

UBUNTU-CVE-2018-12482

OCS Inventory 2.4.1 contains multiple SQL injections in the search engine. Authentication is needed in order to exploit the issues...

UBUNTU-CVE-2018-12483

OCS Inventory 2.4.1 is prone to a remote command-execution vulnerability. Specifically, this issue occurs because the content of the ipdiscoveranalyser rzo GET parameter is concatenated to a string used in an exec call in the PHP code. Authentication is needed in order to exploit this vulnerabili...