9 matches found
Foreman: Arbitrary code execution through templates
An arbitrary code execution flaw was found in Foreman. This flaw allows an admin user to bypass safe mode in templates and execute arbitrary code on the underlying operating system...
CVE-2023-0118
An arbitrary code execution flaw was found in Foreman. This flaw allows an admin user to bypass safe mode in templates and execute arbitrary code on the underlying operating system...
PT-2023-16025 · Foreman +1 · Foreman +1
Name of the Vulnerable Software and Affected Versions: Foreman affected versions not specified Description: An arbitrary code execution flaw was found in Foreman, allowing an admin user to bypass safe mode in templates and execute arbitrary code on the underlying operating system. Recommendations...
Foreman: Arbitrary code execution through templates
An arbitrary code execution flaw was found in Foreman. This flaw allows an admin user to bypass safe mode in templates and execute arbitrary code on the underlying operating system...
CVE-2020-15247
October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October CMS from version 1.0.319 and before version 1.0.469, an authenticated backend user with the cms.managepages, cms.managelayouts, or cms.managepartials permissions who would normally not be...
Lenovo ThinkPad BIOS System Management Mode Arbitrary Code Execution Vulnerability
BIOS Basic Input/Output System i.e. Basic Output Input System is the most basic software code loaded on the computer hardware system. The Lenovo ThinkPad BIOS has a security vulnerability that can be exploited by an attacker with local administrative access to execute arbitrary code, disable flas...
CVE-2002-0985
Argument injection vulnerability in the mail function for PHP 4.x to 4.2.2 may allow attackers to bypass safe mode restrictions and modify command line arguments to the MTA e.g. sendmail in the 5th argument to mail, altering MTA behavior and possibly executing commands...
Bypassing safe mode in PHP
It's possible to bypass safe mode limitation by using moveuploadedfile call and MySQL library functions to access files of different users...
foolproof-PC.txt
Date: Wed, 4 Nov 1998 15:55:09 -0500 From: Krish Jagannathan To: [email protected] Subject: FoolProof for PC Exploit I figured this much out -- if you are running on FoolProof for the PC Win9x and you boot up in safe mode with or without network support it will bypass the FoolProof TSR and...