7 matches found
📄 Pandora ITSM Authenticated Command Injection
This Metasploit module exploits a command injection vulnerability in the name backup setting at the application setup page of Pandora ITSM. This can be triggered by generating a backup with a malicious payload injected at the name parameter. You need to have admin access at the Pandora ITSM Web...
CVE-2025-4653
Improper Neutralization of Special Elements in the backup name field may allow OS command injection. This issue affects Pandora ITSM 5.0.105...
PT-2025-24699 · Unknown · Pandora Itsm
Name of the Vulnerable Software and Affected Versions: Pandora ITSM version 5.0.105 Description: The issue is related to the improper neutralization of special elements in the backup name field, which may allow OS command injection. Recommendations: For Pandora ITSM version 5.0.105, update to a...
PandoraFMS ITSM 安全漏洞
PandoraFMS ITSM is a desktop help software from ESPPandoraFMS, Inc. A security vulnerability exists in PandoraFMS ITSM version 5.0.105, which stems from improper neutralization of special elements of the backup name field, and could lead to OS command injection...
WordPress Plugin Backuply Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
Houben figure enterprise website system cookies injection-vulnerability warning-the black bar safety net
Based on asp+access corporate website source code, database has been provided with an anti-download the site more secure. To modify a site, custom your own to the page, and landscaping page is your own complete, website source code program is complete, the background powerful. Source code downloa...
CMME 1.12 - Local File Inclusion Cross-Site Scripting Cross-Site Request ForgeryDownload BackupMake Directory
CMME 1.12 - Local File Inclusion Cross-Site Scripting Cross-Site Request ForgeryDownload BackupMake Directory + CMME 1.12 LFI/XSS/CSRF/Download Backup/MkDir Multiple Remote Vulnerabilities + Discovered By SirGod + www.mortal-team.org + Greetz :...