Lucene search
+L

5 matches found

Nuclei
Nuclei
added yesterday125 views

reNgine 2.2.0 - Command Injection

reNgine before 2.1.2 allows OS Command Injection if an adversary has a valid session ID. The attack places shell metacharacters in an api/tools/wafdetector/?url= string. The commands are executed as root via subprocess.checkoutput. id: CVE-2023-50094 info: name: reNgine 2.2.0 - Command Injection...

8.8CVSS8AI score0.1354EPSS
Exploits2References3
RedhatCVE
RedhatCVE
added 2026/01/09 12:37 p.m.14 views

CVE-2023-50094

reNgine before 2.1.2 allows OS Command Injection if an adversary has a valid session ID. The attack places shell metacharacters in an api/tools/wafdetector/?url= string. The commands are executed as root via subprocess.checkoutput...

8.8CVSS7.5AI score0.1354EPSS
Exploits2References1
GithubExploit
GithubExploit
added 2024/11/23 8:0 p.m.399 views

Exploit for OS Command Injection in Yogeshojha Rengine

reNgine 2.2.0 - Command Injection - CVE-2023-50094 Descri...

8.8CVSS8.6AI score0.1354EPSS
Exploits2
Circl
Circl
added 2024/01/01 7:26 p.m.12 views

CVE-2023-50094

creationtimestamp| type| source ---|---|--- 2024-01-01 19:26:43+00:00| seen| https://t.me/ctinow/161397 2024-01-02 01:31:30+00:00| seen| https://t.me/cibsecurity/74095 2024-01-09 23:17:31+00:00| seen| https://t.me/ctinow/165425 2024-01-22 14:11:35+00:00| seen| https://t.me/ctinow/171170 2024-11-2...

8.8CVSS7.3AI score0.1354EPSS
Exploits2References4
Vulnrichment
Vulnrichment
added 2024/01/01 12:0 a.m.7 views

CVE-2023-50094

reNgine before 2.1.2 allows OS Command Injection if an adversary has a valid session ID. The attack places shell metacharacters in an api/tools/wafdetector/?url= string. The commands are executed as root via subprocess.checkoutput...

9AI score0.1354EPSS
Exploits2References8
Rows per page
Query Builder