13 matches found
mongo-express Remote Code Execution
mongo-express before 0.54.0 is vulnerable to remote code execution via endpoints that uses the toBSON method and misuse the vm dependency to perform exec commands in a non-safe environment. id: CVE-2019-10758 info: name: mongo-express Remote Code Execution author: princechaddha severity: critical...
Mongo-Express < 0.54.0 RCE (CVE-2019-10758)
Binary data mongoexpressCVE-2019-10758dc.nbin...
Mongo-Express < 0.54.0 RCE
The version of the mongo-express Node.js module installed on the remote host is prior to 0.54.0. It is, therefore, affected by a remote code execution vulnerability via endpoints that use the 'toBSON' method. A misuse of the vm dependency allows performing 'exec' commands in a non-safe environmen...
MongoDB mongo-express Remote Code Execution (CVE-2019-10758)
A remote code execution vulnerability exists in MongoDB mongo-express. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
bem-register (>=1.0.0 <=1.0.5), itstep_server (=0.0.1) +4 more potentially affected by CVE-2019-10758 via mongo-express (>=0.19.0 <=0.53.0)
mongo-express NPM version =0.19.0, =1.0.0, =0.1.1, =1.0.0, =1.5.0, =1.6.1 Source cves: CVE-2019-10758 Source advisory: OSV:GHSA-H47J-HC6X-H3QQ...
CVE-2019-10758
creationtimestamp| type| source ---|---|--- 2019-12-30 03:36:07+00:00| published-proof-of-concept| https://github.com/mongo-express/mongo-express/security/advisories/GHSA-h47j-hc6x-h3qq 2023-06-14 21:10:03+00:00| seen| MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123 2023-12-03 23:21:18+00:00| seen|...
Exploit for Code Injection in Mongo-Express_Project Mongo-Express
CVE-2019-10758 PoC Setup docker run -p 27017:27017 -...
CVE-2019-10758
mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that uses the toBSON method. A misuse of the vm dependency to perform exec commands in a non-safe environment...
CVE-2019-10758
mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that uses the toBSON method. A misuse of the vm dependency to perform exec commands in a non-safe environment...
CVE-2019-10758
MongoDB mongo-express ≤0.53.x is vulnerable to Remote Code Execution via endpoints using toBSON, due to unsafe use of the vm module to run exec commands. Affected component: mongo-express server-side routes that invoke toBSON. Root cause: misusing vm to execute commands in a non-safe environment....
CVE-2019-10758
mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that uses the toBSON method. A misuse of the vm dependency to perform exec commands in a non-safe environment...
bem-register (>=1.0.0 <=1.0.5), itstep_server (=0.0.1) +4 more potentially affected by CVE-2019-10758 via mongo-express (>=0.19.0 <=0.53.0)
mongo-express NPM version =0.19.0, =1.0.0, =0.1.1, =1.0.0, =1.5.0, =1.6.1 Source cves: CVE-2019-10758 Source advisory: SNYK:JS-MONGOEXPRESS-473215...
CVE-2019-10758
mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that uses the toBSON method. A misuse of the vm dependency to perform exec commands in a non-safe environment. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...