67 matches found
Command injection
A vulnerability, which was classified as critical, has been found in dst-admin 1.5.0. Affected by this issue is some unknown functionality of the file /home/kickPlayer. The manipulation of the argument userId leads to command injection. The attack may be launched remotely. The exploit has been...
Command injection
A vulnerability has been found in dst-admin 1.5.0 and classified as critical. This vulnerability affects unknown code of the file /home/sendBroadcast. The manipulation of the argument message leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the...
Command injection
A vulnerability, which was classified as critical, was found in dst-admin 1.5.0. This affects an unknown part of the file /home/masterConsole. The manipulation of the argument command leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the...
CVE-2023-0649 dst-admin sendBroadcast command injection
A vulnerability has been found in dst-admin 1.5.0 and classified as critical. This vulnerability affects unknown code of the file /home/sendBroadcast. The manipulation of the argument message leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the...
CVE-2023-0649 dst-admin sendBroadcast command injection
A vulnerability has been found in dst-admin 1.5.0 and classified as critical. This vulnerability affects unknown code of the file /home/sendBroadcast. The manipulation of the argument message leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the...
CVE-2023-0649
CVE-2023-0649 affects dst-admin 1.5.0, with a flaw in the /home/sendBroadcast code path where manipulating the message parameter enables remote command injection. Multiple sources confirm a critical issue with remote exploit capability and public disclosure. The underlying impact is command execu...
CVE-2023-0648
CVE-2023-0648 affects dst-admin 1.5.0, with a command injection in the /home/masterConsole area caused by manipulation of the command argument. It can be exploited remotely and the exploit has been publicly disclosed. Some connected sources note a workaround (restrict access to the command argume...
CVE-2023-0648 dst-admin masterConsole command injection
A vulnerability, which was classified as critical, was found in dst-admin 1.5.0. This affects an unknown part of the file /home/masterConsole. The manipulation of the argument command leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the...
CVE-2023-0647
CVE-2023-0647 affects dst-admin 1.5.0. The vulnerability resides in an unknown function targeting the file /home/kickPlayer, where manipulating the argument userId leads to a remote command injection. The exploit has been disclosed publicly. Multiple sources corroborate a remote attack scenario w...
CVE-2023-0647 dst-admin kickPlayer command injection
A vulnerability, which was classified as critical, has been found in dst-admin 1.5.0. Affected by this issue is some unknown functionality of the file /home/kickPlayer. The manipulation of the argument userId leads to command injection. The attack may be launched remotely. The exploit has been...
CVE-2023-0646 dst-admin cavesConsole command injection
A vulnerability classified as critical was found in dst-admin 1.5.0. Affected by this vulnerability is an unknown functionality of the file /home/cavesConsole. The manipulation of the argument command leads to command injection. The attack can be launched remotely. The exploit has been disclosed ...
CVE-2023-0646
CVE-2023-0646 affects dst-admin 1.5.0. The vulnerability arises from an unknown functionality in the file /home/cavesConsole where manipulation of the command argument enables remote command injection. Exploitation has been publicly disclosed. Multiple connected sources identify this as a remote-...
CVE-2023-0646 dst-admin cavesConsole command injection
A vulnerability classified as critical was found in dst-admin 1.5.0. Affected by this vulnerability is an unknown functionality of the file /home/cavesConsole. The manipulation of the argument command leads to command injection. The attack can be launched remotely. The exploit has been disclosed ...
PT-2023-16424 · Dst-Admin · Dst-Admin
Name of the Vulnerable Software and Affected Versions: dst-admin version 1.5.0 Description: A critical issue has been found in the software, affecting some unknown functionality of the file /home/kickPlayer. The manipulation of the userId argument leads to command injection. The attack can be...
PT-2023-16423 · Dst-Admin · Dst-Admin
Name of the Vulnerable Software and Affected Versions: dst-admin version 1.5.0 Description: A critical vulnerability was found in dst-admin, affecting an unknown functionality of the file /home/cavesConsole. The manipulation of the command argument leads to command injection. The attack can be...
dst-admin 命令注入漏洞
dst-admin is a web program written in Java by qinming99, an individual developer. A command injection vulnerability exists in dst-admin version 1.5.0, which stems from an unknown function in the file /home/cavesConsole, which can be injected with the parameter command...
dst-admin 命令注入漏洞
dst-admin is a web program written in Java by qinming99, an individual developer. A command injection vulnerability exists in dst-admin version 1.5.0, which stems from an unknown function in the file /home/sendBroadcast that can be injected via the parameter message...
dst-admin 命令注入漏洞
dst-admin is a web program written in Java by qinming99, an individual developer. A command injection vulnerability exists in dst-admin version 1.5.0, which stems from an unknown function in the file home/masterConsole, which can be injected with the parameter command...
PT-2023-16426 · Dst-Admin · Dst-Admin
Name of the Vulnerable Software and Affected Versions: dst-admin version 1.5.0 Description: A critical issue has been found, affecting unknown code in the file /home/sendBroadcast. The manipulation of the message argument leads to command injection. This issue can be exploited remotely...
dst-admin 命令注入漏洞
dst-admin is a web program written in Java by qinming99, an individual developer. A command injection vulnerability exists in dst-admin version 1.5.0, which stems from an unknown function in the file /home/kickPlayer that can be injected with the parameter userId...