Nuts CMS - PHP Remote Code Injection Execution

Nuts CMS - PHP Remote Code Injection Execution "cli" die$error0; if$argc "; echo"\nExample: php $argv0 localhost /"; die; ifisset$argv1 && isset$argv2 $host = $argv1; $path = $argv2; $pack = "GET $pathnuts/login.php?r= HTTP/1.0\r\n"; $pack.= "Host: $host\r\n"; $pack.= "Cmd: %s\r\n"; $pack.=...

HTTPie - a CLI, cURL-like tool for humans

HTTPie pronounced aych-tee-tee-pie is a command line HTTP client. Its goal is to make CLI interaction with web services as human-friendly as possible. It provides a simple http command that allows for sending arbitrary HTTP requests using a simple and natural syntax, and displays colorized output...

CVE-2015-4279

The Manager component in Cisco Unified Computing System UCS 2.23b on B Blade Server devices allows local users to gain privileges for executing arbitrary CLI commands by leveraging access to the subordinate fabric interconnect, aka Bug ID CSCut32778...

Fedora Update for openvas-cli FEDORA-2015-10946

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 22 : openvas-cli-1.4.1-2.fc22 / openvas-libraries-8.0.3-2.fc22 / openvas-manager-6.0.3-4.fc22 / etc (2015-10946)

Bump to openvas8 because of the issues found in previous versions. This should be the first version with scanner really working on Fedora. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...

[SECURITY] Fedora 22 Update: openvas-cli-1.4.1-2.fc22

OpenVAS CLI contains the command line tool "omp" which allows to create bat ch processes to drive OpenVAS Manager...

Arfaly.js Uploader CSRF Delete File Vulnerability

Exploit for php platform in category web applications | | | | | | | \t // \| || ,||, | |//\ ./||/||| \t |/ || \t \t | / | \ | / | || | | \ /| / | \t | |/| | | | | |/| | || || | | || | | \ \ \t | | | | | | | | | || | | | \t || ||| \ || || || |//|| \/ \t\n \t \n \t Usege : php...

Grandstream GXV3275 < 1.0.3.30 - Multiple Vulnerabilities

The Grandstream GXV3275 is an Android-based VoIP phone. Several vulnerabilities were found affecting this device. The device ships with a default root SSH key, which could be used as a backdoor: /system/root/.ssh cat authorizedkeys Public key portion is: ssh-rsa...

Grandstream GXV3275 SSH Key / Command Execution Vulnerability

Grandstream GXV3275 ships with a default root SSH key which could be used a backdoor. It also suffers from an issue where restricted commands can be leveraged to break out into a full shell. The Grandstream GXV3275 is an Android-based VoIP phone. Several vulnerabilities were found affecting this...

SOL16915 - OpenSSL vulnerability CVE-2015-1792

For BIG-IP, Enterprise Manager, and BIG-IQ systems, the vulnerable code exists on the system; however, it is not used in the way that exposes the system to the vulnerability. While BIG-IP v12.0.0 ships with an OpenSSL version prior to 1.0.1n, the libraries necessary to fix the issue were merged...

SOL16914 - OpenSSL vulnerability CVE-2015-1791

For BIG-IP, Enterprise Manager, and BIG-IQ systems, the vulnerable code exists on the system; however, it is not used in the way that exposes the system to the vulnerability. For LineRate systems, the vulnerable code exists on the system; however, it is not used in the way that exposes the system...

CVE-2015-4237

The CLI parser in Cisco NX-OS 4.12E11, 6.211b, 6.212, 7.20ZZ99.1, 7.20ZZ99.3, and 9.11SV13.1.8 on Nexus devices allows local users to execute arbitrary OS commands via crafted characters in a filename, aka Bug IDs CSCuv08491, CSCuv08443, CSCuv08480, CSCuv08448, CSCuu99291, CSCuv08434, and...

Design/Logic Flaw

The CLI parser in Cisco NX-OS 4.12E11, 6.211b, 6.212, 7.20ZZ99.1, 7.20ZZ99.3, and 9.11SV13.1.8 on Nexus devices allows local users to execute arbitrary OS commands via crafted characters in a filename, aka Bug IDs CSCuv08491, CSCuv08443, CSCuv08480, CSCuv08448, CSCuu99291, CSCuv08434, and...

Design/Logic Flaw

Cisco NX-OS 6.210 on Nexus and MDS 9000 devices allows local users to execute arbitrary OS commands by entering crafted tar parameters in the CLI, aka Bug ID CSCus44856...

CVE-2015-4237

CVE-2015-4237 affects Cisco NX-OS on Nexus switches (NX-OS versions listed in the Cisco/NVD entries). The vulnerability is in the CLI parser where improper validation of special characters in filenames allows an authenticated, local attacker to run arbitrary OS commands, enabling local privilege ...

Cisco Nexus OS Device Command Line Interface Local Elevation of Privilege Vulnerability

Nexus is Cisco's line of network switches designed for data centers. A security vulnerability in the CLI parser of the Cisco Nexus Operating System NX-OS allows an authenticated, local attacker to gain elevated privileges by exploiting this vulnerability...

[SECURITY] Fedora 21 Update: openvas-cli-1.4.1-2.fc21

OpenVAS CLI contains the command line tool "omp" which allows to create bat ch processes to drive OpenVAS Manager...

Fedora Update for openvas-cli FEDORA-2015-10514

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2015-4224

Cisco Wireless LAN Controller WLC devices with software 7.0240.0 allow local users to execute arbitrary OS commands in a privileged context via crafted CLI commands, aka Bug ID CSCuj39474...

Cisco Wireless LAN Controller Command Injection Vulnerability

A vulnerability in the command-line interface CLI processor of the Cisco Wireless LAN Controller WLC could allow an authenticated, local attacker to inject arbitrary commands that are executed with elevated privileges on the underlying operating system. The vulnerability is due to insufficient...