47 matches found
GHSA-4PC3-96MX-WWC8 Remote code execution in PHPMailer
Impact The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code by leveraging improper interaction between the escapeshellarg function and internal escaping performed in the mail function in...
Remote code execution in PHPMailer
Impact The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code by leveraging improper interaction between the escapeshellarg function and internal escaping performed in the mail function in...
Command Injection
Dolibarr/dolibarr is vulnerable to command injection. A lack of validation in the $command parameter allows a remote attacker to submit characters that can be used to bypass escapeshellarg and inject arbitrary commands into the affected parameter...
What else should you know about argument injection at OS commanding vulnerabilities
The first research related to this technique, as I believe dated by March 2013. It described the way how to deal with the escapeshellarg and other scaping functions used to sanitize data at shell calls like system, passthru, exec and others. This technique became very popular later, especially...
GitList 0.6.0 - Argument Injection (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "GitList v0.6.0 Argument Injection Vulnerability", 'Description' = %q This module exploits an argument injection vulnerability in GitList v0.6.0...
GitList 0.6 - Unauthenticated Remote Code Execution Exploit
Exploit for php platform in category web applications ''' Exploit Title: GitList 0.6 Unauthenticated RCE Software Link: https://github.com/klaussilveira/gitlist Exploit Author: Kacper Szurek Contact: https://twitter.com/KacperSzurek Website: https://security.szurek.pl/ Category: remote 1...
GitList 0.6 - Remote Code Execution
GitList 0.6 - Remote Code Execution ''' Exploit Title: GitList 0.6 Unauthenticated RCE Date: 25-04-2018 Software Link: https://github.com/klaussilveira/gitlist Exploit Author: Kacper Szurek Contact: https://twitter.com/KacperSzurek Website: https://security.szurek.pl/ Category: remote 1...
GitList 0.6 Remote Code Execution
Exploit Title: GitList 0.6 Unauthenticated RCE Date: 25-04-2018 Software Link: https://github.com/klaussilveira/gitlist Exploit Author: Kacper Szurek Contact: https://twitter.com/KacperSzurek Website: https://security.szurek.pl/ Category: remote 1. Description Bypass/Exploit escapeshellarg using...
GitList 0.6 - Remote Code Execution
''' Exploit Title: GitList 0.6 Unauthenticated RCE Date: 25-04-2018 Software Link: https://github.com/klaussilveira/gitlist Exploit Author: Kacper Szurek Contact: https://twitter.com/KacperSzurek Website: https://security.szurek.pl/ Category: remote 1. Description Bypass/Exploit escapeshellarg...
Remote Code Execution (RCE)
PHPMailer is vulnerable to remote code execution RCE attacks. A malicious user can inject and execute arbitrary code by passing extra parameters to the mail command. This is due to the improper interaction with the library's escapeshellarg function and internal escaping function performed in PHP...
ExpressionEngine: Potential code injection in fun delete_directory
Under /system/ee/legacy/libraries/Functions.php, function deletedirectory contains calls to exec 3 times using different, potentially "unsanitized" paramateres. As the PHP manual suggest, escapeshellarg should be used to sanitize individual arguments 1. On an implementation in which the attacker...
F5 Networks BIG-IP : PHPMailer vulnerability (K73926196)
The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code by leveraging improper interaction between the escapeshellarg function and internal escaping performed in the mail function in PHP. NOT...
CVE-2016-10045
The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code by leveraging improper interaction between the escapeshellarg function and internal escaping performed in the mail function in PHP. NOT...
CVE-2016-10045
The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code by leveraging improper interaction between the escapeshellarg function and internal escaping performed in the mail function in PHP. NOT...
CVE-2016-10045
The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code by leveraging improper interaction between the escapeshellarg function and internal escaping performed in the mail function in PHP. NOT...
PHP < 5.4.42, 5.5.x < 5.5.26, 5.6.x < 5.6.10 Multiple Vulnerabilities (Aug 2016) - Windows
PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...
The vulnerability of the PHP interpreter allows attackers to execute arbitrary operating system commands.
The vulnerability of the escapeshellarg function ext/standard/exec.c in the PHP interpreter exists because measures to neutralize the special elements used in operating system commands are not taken. Exploiting this vulnerability allows a malicious actor to execute arbitrary operating system...
CVE-2015-4642
The escapeshellarg function in ext/standard/exec.c in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 on Windows allows remote attackers to execute arbitrary OS commands via a crafted string to an application that accepts command-line arguments for a call to the PHP system functio...
CVE-2015-4642
The escapeshellarg function in ext/standard/exec.c in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 on Windows allows remote attackers to execute arbitrary OS commands via a crafted string to an application that accepts command-line arguments for a call to the PHP system functio...
Input validation
The escapeshellarg function in ext/standard/exec.c in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 on Windows allows remote attackers to execute arbitrary OS commands via a crafted string to an application that accepts command-line arguments for a call to the PHP system functio...