19 matches found
CVE-2026-30352
A remote code execution (RCE) vulnerability in the /devserver/start endpoint of leonvanzyl autocoder commit 79d02a allows attackers to execute arbitrary code by providing a crafted command parameter...
CVE-2026-30352
A remote code execution (RCE) vulnerability in the /devserver/start endpoint of leonvanzyl autocoder commit 79d02a allows attackers to execute arbitrary code by providing a crafted command parameter...
EUVD-2026-25863
A remote code execution (RCE) vulnerability in the /devserver/start endpoint of leonvanzyl autocoder commit 79d02a allows attackers to execute arbitrary code by providing a crafted command parameter...
CVE-2026-30352
A remote code execution (RCE) vulnerability in the /devserver/start endpoint of leonvanzyl autocoder commit 79d02a allows attackers to execute arbitrary code by providing a crafted command parameter...
CVE-2026-30352
A remote code execution (RCE) vulnerability in the /devserver/start endpoint of leonvanzyl autocoder commit 79d02a allows attackers to execute arbitrary code by providing a crafted command parameter...
PT-2026-35440
A remote code execution (RCE) vulnerability in the /devserver/start endpoint of leonvanzyl autocoder commit 79d02a allows attackers to execute arbitrary code by providing a crafted command parameter...
CVE-2026-30352
A remote code execution (RCE) vulnerability in the /devserver/start endpoint of leonvanzyl autocoder commit 79d02a allows attackers to execute arbitrary code by providing a crafted command parameter...
AutoForge Command Injection Vulnerability
AutoForge is an intelligent coding proxy tool open-sourced by AutoForgeAI. Version 79d02a of AutoForge has a command injection vulnerability in the /devserver/start endpoint. This vulnerability could allow attackers to execute arbitrary code...
CVE-2026-30352
CVE-2026-30352 concerns the leonvanzyl autocoder project, specifically the /devserver/start endpoint. The connected data identify a remote code execution (RCE) vulnerability triggered by supplying a crafted command parameter, enabling arbitrary code execution with network access and no user inter...
Malicious Package
Overview: webpack-dev-server.legacy is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...
EasyPHP Devserver Insecure File Permissions Vulnerability
EasyPHP Devserver is a server developed by NodeJS; its goal is to assist in debugging some front-end effects that require server support. An insecure file permission vulnerability exists in EasyPHP Devserver version 16.1.1, which can be exploited by a local attacker to gain access to globally...
EasyPHP Devserver 16.1.1 - Insecure File Permissions Privilege Escalation Vulnerability
Exploit for windows platform in category local exploits Title: EasyPHP Devserver Insecure File Permissions Privilege Escalation Application: EasyPHP Devserver Versions Affected: 16.1 Vendor URL: http://www.easyphp.org/ Discovered by: Ashiyane Digital Security Team Micle Tested on: Windows 10...
EasyPHP Devserver 16.1.1 - Insecure File Permissions Privilege Escalation
Title: EasyPHP Devserver Insecure File Permissions Privilege Escalation Application: EasyPHP Devserver Versions Affected: 16.1 Vendor URL: http://www.easyphp.org/ Discovered by: Ashiyane Digital Security Team Micle Tested on: Windows 10 Professional x86 Bugs: Insecure File Permissions Privilege...
EasyPHP Devserver 16.1.1 - Insecure File Permissions Privilege Escalation
EasyPHP Devserver 16.1.1 - Insecure File Permissions Privilege Escalation Title: EasyPHP Devserver Insecure File Permissions Privilege Escalation Application: EasyPHP Devserver Versions Affected: 16.1 Vendor URL: http://www.easyphp.org/ Discovered by: Ashiyane Digital Security Team Micle Tested o...
EasyPHP Devserver 16.1.1 - Cross-Site Request Forgery / Remote Command Execution
Exploit for php platform in category web applications + Credits: John Page aka hyp3rlinx Vendor: =============== www.easyphp.org Product: ============================= EasyPHP Devserver v16.1.1 easyphp-devserver-16.1.1-setup.exe hash: 64184d330a34be9e6c029ffa63c903de A complete WAMP environment f...
EasyPHP Devserver Remote Command Execution Vulnerability
EasyPHP is a Windows Apache + MySQL + Perl/PHP/Python development kit. The package integrates PHP, Apache, and MySQL, and also integrates a number of auxiliary development tools. A remote command execution vulnerability exists in EasyPHP Devserver running on port 1111, which can be exploited to...
EasyPHP Devserver 16.1.1 Cross Site Request Forgery / Remote Command Execution
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/EASYPHP-DEV-SERVER-REMOTE-CMD-EXECUTION.txt + ISR: ApparitionSec Vendor: =============== www.easyphp.org Product: ============================= EasyPHP Devserver v16.1.1...
EasyPHP Devserver 16.1.1 - Cross-Site Request Forgery / Remote Command Execution
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/EASYPHP-DEV-SERVER-REMOTE-CMD-EXECUTION.txt + ISR: ApparitionSec Vendor: =============== www.easyphp.org Product: ============================= EasyPHP Devserver v16.1.1...
EasyPHP Devserver 16.1.1 - Cross-Site Request Forgery Remote Command Execution
EasyPHP Devserver 16.1.1 - Cross-Site Request Forgery Remote Command Execution + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/EASYPHP-DEV-SERVER-REMOTE-CMD-EXECUTION.txt + ISR: ApparitionSec Vendor: ===============...