PT-2024-26511 · WordPress · Unlimited Elements For Elementor

Name of the Vulnerable Software and Affected Versions: The Unlimited Elements For Elementor plugin for WordPress versions up to, and including, 1.5.102 Description: The issue allows unauthenticated attackers to inject arbitrary web scripts in pages due to insufficient input sanitization and outpu...

PT-2023-5338 · Apache · Apache Airflow Sqoop Provider

Name of the Vulnerable Software and Affected Versions: Apache Airflow Sqoop Provider versions prior to 4.0.0 Description: The issue is related to insufficient input validation, which can be exploited by a remote attacker to execute arbitrary code. This can be achieved by passing parameters with...

CVE-2021-30232

The api/ZRIGMP/setIGMPPROXY interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the IGMPPROXYWANCONNECT parameter...

Apache DolphinScheduler Remote Code Execution Vulnerability

Apache DolphinScheduler is a distributed decentralized , easily scalable visual DAG workflow task scheduling system . Committed to solving the intricate dependencies in the data processing process , so that the scheduling system in the data processing process out of the box . Apache...

DEBIAN-CVE-2013-4557

The Security Screen core/securite/ecransecurite.php before 1.1.8 for SPIP, as used in SPIP 3.0.x before 3.0.12, allows remote attackers to execute arbitrary PHP via the connect parameter...

UBUNTU-CVE-2013-4557

The Security Screen core/securite/ecransecurite.php before 1.1.8 for SPIP, as used in SPIP 3.0.x before 3.0.12, allows remote attackers to execute arbitrary PHP via the connect parameter...

SPIP - 'connect' PHP Injection (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'SPIP connect Parameter PHP Injection'...

SPIP Connect Parameter PHP Injection

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'SPIP connect Parameter PHP Injection'...

SPIP connect Parameter PHP Injection

This module exploits a PHP code injection in SPIP. The vulnerability exists in the connect parameter and allows an unauthenticated user to execute arbitrary commands with web user privileges. Branches 2.0, 2.1 and 3 are concerned. Vulnerable versions are 'SPIP connect Parameter PHP Injection',...