Lucene search
K

4 matches found

Check Point Advisories
Check Point Advisories
added 2016/10/05 12:0 a.m.31 views

Tuleap PHP Unserialize Code Execution (CVE-2014-8791)

This module exploits a PHP object injection vulnerability. Tuelap could be abused to allow authenticated users to execute arbitrary code with the permissions of the web server. This could lead to execute PHP code on the server...

6CVSS7.5AI score0.14766EPSS
Exploits7
Circl
Circl
added 2014/12/15 12:0 a.m.22 views

CVE-2014-8791

creationtimestamp| type| source ---|---|--- 2014-12-15 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/35545 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/tuleapunserializeexec.rb 2025-02-06 03:13:42+00:00|...

6CVSS5.7AI score0.14766EPSS
Exploits7References2
Packet Storm
Packet Storm
added 2014/12/12 12:0 a.m.41 views

Tuleap PHP Unserialize Code Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Tuleap PHP Unserialize Code Execution', 'Description' = %q This module exploits a PHP object injection vulnerability in Tuelap...

6CVSS0.3AI score0.14766EPSS
Exploits7
CVE
CVE
added 2014/12/02 1:0 a.m.56 views

CVE-2014-8791

CVE-2014-8791 affects Tuleap up to version 7.6-4. The vulnerability resides in the /src/www/project/register.php path where the data parameter is unserialized, allowing PHP object injection and potential arbitrary code execution when sys_create_project_in_one_step is disabled. The issue requires ...

6CVSS7.4AI score0.14766EPSS
Exploits7References5Affected Software1
Rows per page
Query Builder