Lucene search
K

13 matches found

Exploit DB
Exploit DB
added 2021/10/13 12:0 a.m.2836 views

Apache HTTP Server 2.4.50 - Path Traversal & Remote Code Execution (RCE)

Exploit: Apache HTTP Server 2.4.50 - Path Traversal & Remote Code Execution RCE Date: 10/05/2021 Exploit Author: Lucas Souza https://lsass.io Vendor Homepage: https://apache.org/ Version: 2.4.50 Tested on: 2.4.50 CVE : CVE-2021-42013 Credits: Ash Daulton and the cPanel Security Team !/bin/bash if...

9.8CVSS9.2AI score0.99964EPSS
Exploits174
Packet Storm
Packet Storm
added 2021/10/13 12:0 a.m.741 views

Apache HTTP Server 2.4.50 Path Traversal / Code Execution

Exploit: Apache HTTP Server 2.4.50 - Path Traversal & Remote Code Execution RCE Date: 10/05/2021 Exploit Author: Lucas Souza https://lsass.io Vendor Homepage: https://apache.org/ Version: 2.4.50 Tested on: 2.4.50 CVE : CVE-2021-42013 Credits: Ash Daulton and the cPanel Security Team !/bin/bash if...

0.3AI score0.99964EPSS
Exploits174
0day.today
0day.today
added 2021/10/13 12:0 a.m.544 views

Apache HTTP Server 2.4.50 - Path Traversal & Remote Code Execution Vulnerabilities

Exploit: Apache HTTP Server 2.4.50 - Path Traversal & Remote Code Execution RCE Exploit Author: Lucas Souza https://lsass.io Vendor Homepage: https://apache.org/ Version: 2.4.50 Tested on: 2.4.50 CVE : CVE-2021-42013 Credits: Ash Daulton and the cPanel Security Team !/bin/bash if $1 == '' ; $2 ==...

9.8CVSS0.6AI score0.99964EPSS
Exploits174
GithubExploit
GithubExploit
added 2021/10/06 2:28 a.m.272 views

Exploit for Path Traversal in Apache Http_Server

!alt texthttps://raw.githubusercontent.com/lsass-exe/CVE-2021...

9.8CVSS9.5AI score0.99992EPSS
Exploits174
Packet Storm
Packet Storm
added 2021/10/06 12:0 a.m.915 views

Apache HTTP Server 2.4.49 Path Traversal

Exploit Title: Apache HTTP Server 2.4.49 - Path Traversal Date: 10/05/2021 Exploit Author: Lucas Souza https://lsass.io Vendor Homepage: https://apache.org/ Version: 2.4.49 Tested on: 2.4.49 CVE : CVE-2021-41773 Credits: Ash Daulton and the cPanel Security Team !/bin/bash if $1 =3D=3D '' ; $2...

0.99992EPSS
Exploits149
Exploit DB
Exploit DB
added 2021/10/06 12:0 a.m.3831 views

Apache HTTP Server 2.4.49 - Path Traversal & Remote Code Execution (RCE)

Exploit Title: Apache HTTP Server 2.4.49 - Path Traversal & Remote Code Execution RCE Date: 10/05/2021 Exploit Author: Lucas Souza https://lsass.io Vendor Homepage: https://apache.org/ Version: 2.4.49 Tested on: 2.4.49 CVE : CVE-2021-41773 Credits: Ash Daulton and the cPanel Security Team...

9.8CVSS8.3AI score0.99992EPSS
Exploits149
0day.today
0day.today
added 2021/10/06 12:0 a.m.687 views

Apache HTTP Server 2.4.49 - Path Traversal Vulnerability

Exploit Title: Apache HTTP Server 2.4.49 - Path Traversal Exploit Author: Lucas Souza https://lsass.io Vendor Homepage: https://apache.org/ Version: 2.4.49 Tested on: 2.4.49 CVE : CVE-2021-41773 Credits: Ash Daulton and the cPanel Security Team !/bin/bash if $1 =3D=3D '' ; $2 =3D=3D '' ; then ech...

7.5CVSS0.2AI score0.99992EPSS
Exploits149
ThreatPost
ThreatPost
added 2021/10/05 8:1 p.m.108 views

Apache Web Server Zero-Day Actively Exploited, Exposes Sensitive Data

Apache Software has quickly issued a fix for a zero-day security bug in the Apache HTTP Server, which was first reported to the project last week. The vulnerability is under active exploitation in the wild, it said, and could allow attackers to access sensitive information. According to a securit...

9.8CVSS8.5AI score0.99992EPSS
Exploits149References4
Tenable Nessus
Tenable Nessus
added 2018/09/27 12:0 a.m.54 views

FreeBSD : spamassassin -- multiple vulnerabilities (613193a0-c1b4-11e8-ae2d-54e1ad3d6335)

the Apache Spamassassin project reports : In Apache SpamAssassin, using HTML::Parser, we setup an object and hook into the begin and end tag event handlers In both cases, the 'open' event is immediately followed by a 'close' event - even if the tag does not close in the HTML being parsed. Because...

9.8CVSS6.9AI score0.1082EPSS
Exploits0References6
FreeBSD
FreeBSD
added 2018/09/16 12:0 a.m.507 views

spamassassin -- multiple vulnerabilities

the Apache Spamassassin project reports: In Apache SpamAssassin, using HTML::Parser, we setup an object and hook into the begin and end tag event handlers In both cases, the "open" event is immediately followed by a "close" event - even if the tag does not close in the HTML being parsed. Because ...

7.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2018/01/22 12:0 a.m.34 views

Debian DSA-4092-1 : awstats - security update

The cPanel Security Team discovered that awstats, a log file analyzer, was vulnerable to path traversal attacks. A remote unauthenticated attacker could leverage that to perform arbitrary code execution. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

9.8CVSS7.7AI score0.04352EPSS
Exploits0References6
Mageia
Mageia
added 2018/01/03 3:50 p.m.48 views

Updated perl packages fix security vulnerability

John Lightsey and Todd Rinaldo reported that the opportunistic loading of optional modules can make many programs unintentionally load code from the current working directory which might be changed to another directory without the user realising and potentially leading to privilege escalation...

9.1CVSS0.8AI score0.06207EPSS
Exploits0References4
FreeBSD
FreeBSD
added 2017/10/13 12:0 a.m.25 views

rubygem-passenger -- arbitrary file read vulnerability

Phusion reports: The cPanel Security Team discovered a vulnerability in Passenger that allows users to list the contents of arbitrary files on the system. CVE-2017-16355 has been assigned to this issue...

4.7CVSS5.5AI score0.00358EPSS
Exploits0References1
Rows per page
Query Builder