5 matches found
CVE-2024-55494
A PHP Code Injection vulnerability that can lead to Remote Code Execution RCE and XSS in Opencode Mobile Collect Call v5.4.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the opfunc parameter at /occontrolpanel/index.php...
CVE-2024-55494
A PHP Code Injection vulnerability that can lead to Remote Code Execution RCE and XSS in Opencode Mobile Collect Call v5.4.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the opfunc parameter at /occontrolpanel/index.php...
CVE-2024-55494
creationtimestamp| type| source ---|---|--- 2025-01-09 20:03:39+00:00| seen| https://infosec.exchange/users/cve/statuses/113800185022735237 2025-01-09 20:17:26+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfdipetdto2d 2025-01-09 21:57:21+00:00| seen|...
CVE-2024-55494
A PHP Code Injection vulnerability that can lead to Remote Code Execution RCE and XSS in Opencode Mobile Collect Call v5.4.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the opfunc parameter at /occontrolpanel/index.php...
CVE-2024-55494
CVE-2024-55494 affects Opencode Mobile Collect Call v5.4.7. A PHP Code Injection vulnerability allows an attacker to inject code via a crafted payload into the op_func parameter at /occontrolpanel/index.php, enabling potential Remote Code Execution and XSS. The issue is documented across multiple...