
2432 matches found

OSV
added 2018/04/11 5:29 a.m. | 0 views

UBUNTU-CVE-2018-10016

Netwide Assembler NASM 2.14rc0 has a division-by-zero vulnerability in the expr5 function in asm/eval.c via a malformed input file...

5.5 CVSS | 7.1 AI score | 0.00301 EPSS
Exploits 1 | References 2

CNVD
added 2018/04/11 12:0 a.m. | 2 views

Netwide Assembler De-Zero Vulnerability

Netwide Assembler NASM is a portable, modular 80x86 and x86-64 assembler. A divide-by-zero vulnerability exists in the expr5 function in asm/eval.c in Netwide Assembler NASM 2.14rc0. An attacker can exploit this vulnerability via a malformed input file to cause a divide-by-zero error...

5.5 CVSS | 6.9 AI score | 0.00301 EPSS
Exploits 1 | References 1

ATTACKERKB
added 2018/03/18 6:29 a.m. | 1 view

CVE-2018-8756

Eval injection in yzmphp/core/function/global.func.php in YzmCMS v3.7.1 allows remote attackers to achieve arbitrary code execution via PHP code in the POST data of an index.php?m=member&c=member_content&a=init request...

7.2 CVSS | 6.5 AI score | 0.03025 EPSS
Exploits 1 | References 3

OSV
added 2018/03/18 6:29 a.m. | 1 view

CVE-2018-8756

Eval injection in yzmphp/core/function/global.func.php in YzmCMS v3.7.1 allows remote attackers to achieve arbitrary code execution via PHP code in the POST data of an index.php?m=member&c=member_content&a=init request...

7.2 CVSS | 6.3 AI score | 0.03025 EPSS
Exploits 1 | References 2

CVE
added 2018/03/18 6:0 a.m. | 47 views

CVE-2018-8756

YzmCMS v3.7.1 is affected by CVE-2018-8756 due to an eval injection in yzmphp/core/function/global.func.php. The vulnerability allows remote code execution via PHP code supplied in the POST data of the request index.php?m=member&c=member_content&a=init. The connected CNVD/CNVD-derived records cor...

7.2 CVSS | 7.5 AI score | 0.03025 EPSS
Exploits 1 | References 2 | Affected Software 1

Cvelist
added 2018/03/18 6:0 a.m. | 17 views

CVE-2018-8756

Eval injection in yzmphp/core/function/global.func.php in YzmCMS v3.7.1 allows remote attackers to achieve arbitrary code execution via PHP code in the POST data of an index.php?m=member&c=member_content&a=init request...

7.6 AI score | 0.03025 EPSS
Exploits 1 | References 2

NVD
added 2018/03/13 3:29 p.m. | 18 views

CVE-2018-1000070

Bitmessage PyBitmessage version v0.6.2 and introduced in or after commit 8ce72d8d2d25973b7064b1cf76a6b0b3d62f0ba0 contains an Eval injection vulnerability in main program, file src/messagetypes/init.py function constructObject that can result in Code Execution. This attack appears to be exploitabl...

8.8 CVSS | 8.8 AI score | 0.01118 EPSS
Exploits 0 | References 1

Prion
added 2018/03/13 3:29 p.m. | 12 views

Design/Logic Flaw

Bitmessage PyBitmessage version v0.6.2 and introduced in or after commit 8ce72d8d2d25973b7064b1cf76a6b0b3d62f0ba0 contains an Eval injection vulnerability in main program, file src/messagetypes/init.py function constructObject that can result in Code Execution. This attack appears to be exploitabl...

6.8 CVSS | 8.8 AI score | 0.01118 EPSS
Exploits 0 | References 1 | Affected Software 1

OSV
added 2018/03/13 3:29 p.m. | 14 views

CVE-2018-1000070

Bitmessage PyBitmessage version v0.6.2 and introduced in or after commit 8ce72d8d2d25973b7064b1cf76a6b0b3d62f0ba0 contains an Eval injection vulnerability in main program, file src/messagetypes/init.py function constructObject that can result in Code Execution. This attack appears to be exploitabl...

8.8 CVSS | 9.1 AI score
Exploits 0 | References 1

Cvelist
added 2018/03/13 3:0 p.m. | 25 views

CVE-2018-1000070

Bitmessage PyBitmessage version v0.6.2 and introduced in or after commit 8ce72d8d2d25973b7064b1cf76a6b0b3d62f0ba0 contains an Eval injection vulnerability in main program, file src/messagetypes/init.py function constructObject that can result in Code Execution. This attack appears to be exploitabl...

8.9 AI score | 0.01118 EPSS
Exploits 0 | References 1

CVE
added 2018/03/13 3:0 p.m. | 40 views

CVE-2018-1000070

CVE-2018-1000070 relates to Bitmessage PyBitmessage. The connected CNVD/CNVD-2018-07896 and CNVD-derived entries confirm a vulnerability in the file src/messagetypes/init.py, in the function constructObject, within PyBitmessage v0.6.2 and later (introduced around commit 8ce72d8d...), that enable...

8.8 CVSS | 8.8 AI score | 0.01118 EPSS
Exploits 0 | References 1 | Affected Software 1

ThreatPost
added 2018/02/27 2:52 p.m. | 10 views

WordPress Users Warned of Malware Masquerading as ionCube Files

Security researchers are warning WordPress and Joomla admins of a sneaky new malware strain masquerading as legitimate ionCube files. The malware, dubbed ionCube Malware, is used by cybercriminals to create backdoors on vulnerable websites allowing them to steal data or plant more malware. In the...

7.5 AI score
Exploits 0 | References 1

Exploit DB
added 2017/12/19 12:0 a.m. | 56 views

Tuleap 9.6 - Second-Order PHP Object Injection (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Tuleap 9.6 Second-Order PHP Object Injection', 'Description' = %q This module exploits a Second-Order PHP Object Injection vulnerability in Tulea...

8.8 CVSS | 7.4 AI score | 0.73892 EPSS
Exploits 6

Tenable Nessus
added 2017/11/20 12:0 a.m. | 110 views

GLSA-201711-15 : PHPUnit: Remote code execution

The remote host is affected by the vulnerability described in GLSA-201711-15 (PHPUnit: Remote code execution). When PHPUnit is installed in a production environment via composer and these modules are in a web accessible directory, the eval-stdin.php file in PHPUnit contains vulnerable statements tha...

9.8 CVSS | 8.6 AI score | 0.9421 EPSS
Exploits 17 | References 2

Metasploit
added 2017/11/01 3:9 p.m. | 28 views

Tuleap 9.6 Second-Order PHP Object Injection

This module exploits a Second-Order PHP Object Injection vulnerability in Tuleap <= 9.6 which could be abused by authenticated users to execute...

8.8 CVSS | 7.8 AI score | 0.73892 EPSS
Exploits 6

OSV
added 2017/10/24 6:33 p.m. | 0 views

GHSA-5J3G-JFQ3-7JWX Arbitrary JavaScript Execution in bassmaster

A vulnerability exists in bassmaster <= 1.5.1 that allows for an attacker to provide arbitrary JavaScript that is then executed server side via eval. Recommendation: Update to bassmaster version 1.5.2 or greater...

10 CVSS | 7.3 AI score | 0.84242 EPSS
Exploits 6 | References 9

Node.js
added 2017/10/17 11:19 p.m. | 177 views

Sandbox Breakout / Arbitrary Code Execution

Overview: Affected versions of static-eval pass untrusted user input directly to the global function constructor, resulting in an arbitrary code execution vulnerability when user input is parsed via the package. Proof of concept: var evaluate = require('static-eval'); var parse =...

7.5 CVSS | 4.8 AI score | 0.01261 EPSS
Exploits 1 | Affected Software 1

Prion
added 2017/10/17 4:29 p.m. | 6 views

Sql injection

Eval injection vulnerability in the fm_saveHelperGatherItems function in ajax.php in the Form Manager plugin before 1.7.3 for WordPress allows remote attackers to execute arbitrary code via unspecified vectors...

7.5 CVSS | 8.6 AI score | 0.13872 EPSS
Exploits 1 | References 3 | Affected Software 1

CVE
added 2017/10/17 4:0 p.m. | 41 views

CVE-2015-7806

The CVE-2015-7806 issue affects the WordPress Form Manager plugin (prior to 1.7.3). The vulnerability is in the fm_saveHelperGatherItems function of ajax.php, enabling remote code execution via unspecified vectors. Multiple sources confirm RCE potential, including CNVD and WPVulndB entries noting...

9.8 CVSS | 9.6 AI score | 0.13872 EPSS
Exploits 1 | References 3 | Affected Software 1

Hacker One
added 2017/09/26 4:44 p.m. | 17 views

Internet Bug Bounty: Integer overflow in eval trigger write out of bound

Hi security team, I reported some samples that triggered a crash in the eval function in perl. The bug comes because variable start and items used type I32 which takes half the range of linet and folds it into negative numbers, leading to trying to store the lines at negative indexes...

6.8 AI score
Exploits 0