3 matches found
Code injection
Eaton MGEOPS Network Shutdown Module before 3.10 Build 13 allows remote attackers to execute arbitrary code by adding a custom action to the MGE frontend via paneactionbutton.php, and then executing this action via execaction.php...
CVE-2008-6816
Eaton MGEOPS Network Shutdown Module before 3.10 Build 13 allows remote attackers to execute arbitrary code by adding a custom action to the MGE frontend via paneactionbutton.php, and then executing this action via execaction.php...
CVE-2008-6816
CVE-2008-6816 affects Eaton MGEOPS Network Shutdown Module prior to 3.10 Build 13. An attacker can add a custom action in pane_actionbutton.php and then trigger it via exec_action.php, enabling remote arbitrary code execution. The NASL/NVD data also notes authentication bypass in older versions (...