CVE-2014-8686

CodeIgniter vulnerability CVE-2014-8686 (CodeIgniter before 2.2.0) allows attackers to decode and manipulate the ci_session cookie by falling back to a custom XOR-based scheme when the PHP Mcrypt extension is unavailable. Public references describe exploitation via extracting the encryption key, ...

CVE-2014-8686

CodeIgniter before 2.2.0 makes it easier for attackers to decode session cookies by leveraging fallback to a custom XOR-based encryption scheme when the Mcrypt extension for PHP is not available...

Seagate Business NAS - Remote Command Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rexml/document' class MetasploitModule 'Seagate Business NAS Unauthenticated Remote Command Execution', 'Description' = %q Some Seagate Busine...

CVE-2014-8686

creationtimestamp| type| source ---|---|--- 2015-03-04 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/36264 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/seagatenasphpexecnoauth.rb 2025-02-06 03:13:42+00:00|...