Lucene search
K

4 matches found

CVE
CVE
added 2014/11/28 3:0 p.m.50 views

CVE-2014-7178

Enalean Tuleap prior to 7.5 (listed variants include 7.4.99.5 and earlier; fixed in 7.5) is vulnerable to remote command execution via the User-Agent header passed to the passthru PHP function (via the SVN handler page). This is triggered by crafted requests such as /svn/viewvc.php/?roottype=svn&...

9.3CVSS7.8AI score0.05062EPSS
Exploits6References3Affected Software1
0day.today
0day.today
added 2014/10/29 12:0 a.m.51 views

Enalean Tuleap 7.4.99.5 - Remote Command Execution / Blind SQL Injection Vulnerabilities

Enalean Tuleap versions 7.4.99.5 and below suffer from a remote command execution vulnerability and below suffer from a remote, authenticated blind SQL injection vulnerability Vulnerability title: Tuleap /usr/share/codendi/src/www/passwd.txt && "ozilla/5.0 Windows NT 6.1; WOW64; rv:31.0...

9.3CVSS0.4AI score0.05062EPSS
Exploits11
Packet Storm
Packet Storm
added 2014/10/28 12:0 a.m.53 views

Tuleap 7.4.99.5 Remote Command Execution

Vulnerability title: Tuleap /usr/share/codendi/src/www/passwd.txt && "ozilla/5.0 Windows NT 6.1; WOW64; rv:31.0 Gecko/20100101 Firefox/31.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer:...

9.3CVSS6.6AI score0.05062EPSS
Exploits6
exploitpack
exploitpack
added 2014/10/28 12:0 a.m.91 views

Enalean Tuleap 7.4.99.5 - Remote Command Execution

Enalean Tuleap 7.4.99.5 - Remote Command Execution Vulnerability title: Tuleap /usr/share/codendi/src/www/passwd.txt && "ozilla/5.0 Windows NT 6.1; WOW64; rv:31.0 Gecko/20100101 Firefox/31.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5...

9.3CVSS0.2AI score0.05062EPSS
Exploits6
Rows per page
Query Builder