Open Web Analytics 1.7.3 Remote Code Execution Exploit

Open Web Analytics OWA versions prior to 1.7.4 allow an unauthenticated remote attacker to obtain sensitive user information, which can be used to gain admin privileges by leveraging cache hashes. class MetasploitModule 'Open Web Analytics 1.7.3 - Remote Code Execution RCE', 'Description' = %q Op...

Open Web Analytics 1.7.3 - Remote Code Execution (RCE)

Open Web Analytics OWA before 1.7.4 allows an unauthenticated remote attacker to obtain sensitive user information, which can be used to gain admin privileges by leveraging cache hashes. This occurs because files generated with ' use exploit/multi/http/openwebanalyticsrce msf...

Exploit for Improper Privilege Management in Openwebanalytics Open_Web_Analytics

Vulnerable Application Open Web Analytics OWA before 1.7.4...

GHSA-PR9Q-V585-QV2W Improper Privilege Management in Open Web Analytics

Open Web Analytics OWA before 1.7.4 allows an unauthenticated remote attacker to obtain sensitive user information, which can be used to gain admin privileges by leveraging cache hashes. This occurs because files generated with '?php instead of the intended "?php sequence aren't handled by the PH...

CVE-2022-24637

Open Web Analytics OWA before 1.7.4 allows an unauthenticated remote attacker to obtain sensitive user information, which can be used to gain admin privileges by leveraging cache hashes. This occurs because files generated with '?php instead of the intended "?php sequence aren't handled by the PH...

Design/Logic Flaw

Open Web Analytics OWA before 1.7.4 allows an unauthenticated remote attacker to obtain sensitive user information, which can be used to gain admin privileges by leveraging cache hashes. This occurs because files generated with '?php instead of the intended "?php sequence aren't handled by the PH...

CVE-2022-24637

Open Web Analytics OWA before 1.7.4 allows an unauthenticated remote attacker to obtain sensitive user information, which can be used to gain admin privileges by leveraging cache hashes. This occurs because files generated with '...

PT-2022-16769

Name of the Vulnerable Software and Affected Versions Open Web Analytics versions prior to 1.7.4 Description The issue allows an unauthenticated remote attacker to obtain sensitive user information, which can be used to gain admin privileges by leveraging cache hashes. This occurs because files...

CVE-2022-24637

Open Web Analytics (OWA) 1.7.3 is vulnerable to unauthenticated remote code execution due to improper handling of PHP-generated cache files (files generated with '<?php instead of '