Lucene search
K

6 matches found

Check Point Advisories
Check Point Advisories
added 2018/12/27 12:0 a.m.11 views

Apache Superset 0.23 Remote Code Execution (CVE-2018-8021)

A remote code execution vulnerability exists in the Apache Superset web application. A remote attacker can exploit this vulnerability by sending a specially crafted request. Successful exploitation could lead to execute arbitrary code on the system...

7.5CVSS7.6AI score0.53934EPSS
Exploits5
Packet Storm
Packet Storm
added 2018/12/04 12:0 a.m.73 views

Apache Superset 0.23 Remote Code Execution

Exploit Title: Apache Superset 0.23 - Remote Code Execution Date: 2018-05-17 Exploit Author: David May [email protected] Vendor Homepage: https://superset.apache.org/ Software Link: https://github.com/apache/incubator-superset Version: Any before 0.23 Tested on: Ubuntu 18.04 CVE-ID:...

0.1AI score0.53934EPSS
Exploits5
exploitpack
exploitpack
added 2018/12/03 12:0 a.m.38 views

Apache Superset 0.23 - Remote Code Execution

Apache Superset 0.23 - Remote Code Execution Exploit Title: Apache Superset ' sys.exit else: Script arguments supersetIP = sys.argv1 supersetPort = sys.argv2 Verify these URLs match your environment loginURL = 'http://' + supersetIP + ':' + supersetPort + '/login/' uploadURL = 'http://' +...

7.5CVSS0.1AI score0.53934EPSS
Exploits5
0day.today
0day.today
added 2018/12/03 12:0 a.m.51 views

Apache Superset 0.23 - Remote Code Execution Exploit

Exploit for linux platform in category web applications Exploit Title: Apache Superset 0.23 - Remote Code Execution Exploit Author: David May email protected Vendor Homepage: https://superset.apache.org/ Software Link: https://github.com/apache/incubator-superset Version: Any before 0.23 Tested o...

9.8AI score0.53934EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/12/03 12:0 a.m.95 views

Apache Superset < 0.23 - Remote Code Execution

Exploit Title: Apache Superset ' sys.exit else: Script arguments supersetIP = sys.argv1 supersetPort = sys.argv2 Verify these URLs match your environment loginURL = 'http://' + supersetIP + ':' + supersetPort + '/login/' uploadURL = 'http://' + supersetIP + ':' + supersetPort +...

9.8CVSS9.6AI score0.53934EPSS
Exploits5
CVE
CVE
added 2018/11/07 2:0 p.m.256 views

CVE-2018-8021

CVE-2018-8021 concerns Apache Superset pre-0.23, where an unsafe pickle deserialization path can lead to remote code execution. The root cause is the use of an unsafe load method from pickle to deserialize data, enabling an attacker with network access to potentially execute arbitrary code. Multi...

9.8CVSS9.7AI score0.53934EPSS
Exploits5References2Affected Software1
Rows per page
Query Builder