6 matches found
Numbas < v7.3 - Remote Code Execution Exploit
Exploit Title: Numbas v7.3 - Remote Code Execution Exploit Author: Matheus Boschetti Vendor Homepage: https://www.numbas.org.uk/ Software Link: https://github.com/numbas/Numbas Version: 7.2 and below Tested on: Linux CVE: CVE-2024-27612 import sys, requests, re, argparse, subprocess, time from bs...
Numbas Remote Code Execution
Exploit Title: Numbas v7.3 - Remote Code Execution Google Dork: N/A Date: March 7th, 2024 Exploit Author: Matheus Boschetti Vendor Homepage: https://www.numbas.org.uk/ Software Link: https://github.com/numbas/Numbas Version: 7.2 and below Tested on: Linux CVE: CVE-2024-27612 import sys, requests,...
CVE-2024-27612
Numbas editor before 7.3 mishandles editing of themes and extensions...
CVE-2024-27612
Numbas editor before 7.3 mishandles editing of themes and extensions...
CVE-2024-27612
Numbas editor prior to version 7.3 mishandles editing of themes and extensions, leading to potential remote code execution (as evidenced by public exploits for ≤7.2). Public advisories (PT-2024-21967) recommend updating to 7.3 or later to resolve the issue.
CVE-2024-27612
Numbas editor before 7.3 mishandles editing of themes and extensions...