11 matches found
Websvn <2.6.1 - Remote Code Execution
WebSVN before 2.6.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search parameter. id: CVE-2021-32305 info: name: Websvn 2.6.1 - Remote Code Execution author: gy741 severity: critical description: WebSVN before 2.6.1 allows remote attackers to execute...
WebSVN Remote Code Execution (CVE-2021-32305)
A remote code execution vulnerability exists in WebSVN. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
WebSVN search command execution
Added: 06/23/2021 Background WebSVN is a web interface for Subversion repositories. Problem A command injection vulnerability allows remote unauthenticated attackers to execute arbitrary commands by sending a specially crafted search request. Resolution Upgrade to WebSVN 2.6.1 or higher. Referenc...
WebSVN search command execution
Added: 06/23/2021 Background WebSVN is a web interface for Subversion repositories. Problem A command injection vulnerability allows remote unauthenticated attackers to execute arbitrary commands by sending a specially crafted search request. Resolution Upgrade to WebSVN 2.6.1 or higher. Referenc...
WebSVN search command execution
Added: 06/23/2021 Background WebSVN is a web interface for Subversion repositories. Problem A command injection vulnerability allows remote unauthenticated attackers to execute arbitrary commands by sending a specially crafted search request. Resolution Upgrade to WebSVN 2.6.1 or higher. Referenc...
Websvn 2.6.0 Remote Code Execution
Exploit Title: Websvn 2.6.0 - Remote Code Execution Unauthenticated Date: 20/06/2021 Exploit Author: g0ldm45k Vendor Homepage: https://websvnphp.github.io/ Software Link: https://github.com/websvnphp/websvn/releases/tag/2.6.0 Version: 2.6.0 Tested on: Docker + Debian GNU/Linux Buster CVE :...
Websvn 2.6.0 - Remote Code Execution (Unauthenticated) Exploit
Exploit Title: Websvn 2.6.0 - Remote Code Execution Unauthenticated Exploit Author: g0ldm45k Vendor Homepage: https://websvnphp.github.io/ Software Link: https://github.com/websvnphp/websvn/releases/tag/2.6.0 Version: 2.6.0 Tested on: Docker + Debian GNU/Linux Buster CVE : CVE-2021-32305 import...
CVE-2021-32305
creationtimestamp| type| source ---|---|--- 2021-06-21 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/50042 2021-09-02 09:56:23+00:00| seen| MISP/2e8cebbe-4ab2-4eb0-bd6e-e8193972cf4e 2021-09-21 04:42:27+00:00| seen| https://t.me/pwnwikizhchannel/691 2023-04-27 09:58:59+00:00|...
[ASA-202105-16] websvn: arbitrary command execution
Arch Linux Security Advisory ASA-202105-16 ========================================== Severity: High Date : 2021-05-25 CVE-ID : CVE-2021-32305 Package : websvn Type : arbitrary command execution Remote : Yes Link : https://security.archlinux.org/AVG-1969 Summary ======= The package websvn before...
CVE-2021-32305
WebSVN before 2.6.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search parameter...
CVE-2021-32305
WebSVN (versions prior to 2.6.1) is affected by CVE-2021-32305, a remote code execution vulnerability where an attacker can inject shell metacharacters via the search parameter to execute arbitrary commands on the server. The issue is caused by unsafely handling the search input and is rated high...