8 matches found
CVE-2024-58273
Nagios Log Server versions prior to 2024R1.0.2 contain a local privilege escalation vulnerability that allows an attacker who could execute commands as the Apache web user or the backend shell user to escalate to root on the host...
EUVD-2024-55060
Nagios Log Server versions prior to 2024R1.0.2 contain a local privilege escalation vulnerability that allows an attacker who could execute commands as the Apache web user or the backend shell user to escalate to root on the host...
CVE-2024-58273
CVE-2024-58273 affects Nagios Log Server prior to 2024R1.0.2. The vulnerability enables local privilege escalation when an attacker can run commands as the Apache web user (or backend shell user), escalating to root on the host. Red Hat and related sources corroborate the LPE exposure in affected...
CVE-2024-58273 Nagios Log Server < 2024R1.0.2 LPE from Apache/Backend Shell User to Root
Nagios Log Server versions prior to 2024R1.0.2 contain a local privilege escalation vulnerability that allows an attacker who could execute commands as the Apache web user or the backend shell user to escalate to root on the host...
CVE-2024-58273 Nagios Log Server < 2024R1.0.2 LPE from Apache/Backend Shell User to Root
Nagios Log Server versions prior to 2024R1.0.2 contain a local privilege escalation vulnerability that allows an attacker who could execute commands as the Apache web user or the backend shell user to escalate to root on the host...
PT-2025-44509
Name of the Vulnerable Software and Affected Versions Nagios Log Server versions prior to 2024R1.0.2 Description The software contains a local privilege escalation issue. An attacker with the ability to execute commands as the Apache web user or the backend shell user can gain root access on the...
Code execution vulnerability in indexhibits CMS
Indexhibit is a pioneering CMS web application created in 2006 for creating websites in an established index + exhibit format. A code execution vulnerability exists in indexhibits CMS, which can be exploited by an attacker to reinstall the web system and enter a backend getshell to gain server...
MacCMS 7.x 某处设计不当可后台GETSHELL
简要描述: MacCMS 7.x 某处设计不当可后台GETSHELL 某处限制可绕过 详细说明: 模板生成-页面模板-default-html-添加新页面 很明显添加页面时有硬性要求后缀必须为html,用来防止GETSHELL 这里我们先写上一句话木马(不管后缀)…… 抓包,发现surffix为html,改成php看看 木马已经就位 上菜刀,由于之前上传到default/html里面了,多以对应地址如图 img src="ht...