4 matches found
CVE-2021-3317
KLog Server through 2.4.1 allows authenticated command injection. async.php calls shellexec on the original value of the source parameter...
Exploit for OS Command Injection in Klogserver Klog_Server
Information Exploit Title: Klog Server 2.4.1 - Command Inject...
CVE-2021-3317
KLog Server through 2.4.1 allows authenticated command injection. async.php calls shellexec on the original value of the source parameter...
CVE-2021-3317
KLog Server up to version 2.4.1 is affected by an authenticated command injection vulnerability. The issue arises in async.php, where the source parameter is passed to shell_exec() without proper input validation, allowing an attacker with valid credentials to execute arbitrary commands on the se...