Arbitrary Code Execution

Overview cd-messenger is a console log logger gulp notification browser node message. Affected versions of this package are vulnerable to Arbitrary Code Execution. User input provided to the color argument executed by the eval function resulting in code execution. PoC var a = require"cd-messenger...

Hive 2.0 RC2 XSS / Code Execution / SQL Injection

| Title : Hive v2.0 RC2 Multi Vulnerability | Author : indoushka | email : [email protected] | Dork : "Powered by DigitalHive" | Tested on: windows 8.1 Français V.Pro | Bug : Stop Script | Download : http:///www.digitalhive.com ======================================= Stop SCript working :...

CVE-2012-5223

The procdeutf function in includes/functionsvbseocpabstract.php in vBSEO 3.5.0, 3.5.1, 3.5.2, 3.6.0, and earlier allows remote attackers to insert and execute arbitrary PHP code via "complex curly syntax" in the charrepl parameter, which is inserted into a regular expression that is processed by...

glibc: insufficient quoting in the locale command output

locale/programs/locale.c in locale in the GNU C Library aka glibc or libc6 before 2.13 does not quote its output, which might allow local users to gain privileges via a crafted localization environment variable, in conjunction with a program that executes a script that uses the eval function...

DZ! sodb-2 0 0 8-1 3 EXP published-vulnerability warning-the black bar safety net

!/ usr/bin/php ? php / Discuz! 6. x/7. x SODB-2 0 0 8-1 3 Exp By www.80vul.com Notes the value of the variable, add your own modifications / $host = ‘www.80vul.com’; // Server domain or IP $path = ‘/discuz/’; // Where the program path $key = 0; // The above variable is edited, make will the value...