22 matches found
Joomla! Image Browser 0.1.5 rc2 - Local File Inclusion
Joomla! Image Browser 0.1.5 rc2 is susceptible to local file inclusion via comimagebrowser which could allow remote attackers to include and execute arbitrary local files via a .. dot dot in the folder parameter to index.php. id: CVE-2008-4668 info: name: Joomla! Image Browser 0.1.5 rc2 - Local...
CVE-2026-7653
A security flaw has been discovered in r-huijts mcp-server-rijksmuseum up to 1.0.4. Affected is the function openimageinbrowser of the file src/index.ts of the component MCP Interface. Performing a manipulation of the argument imageUrl results in os command injection. The attack is possible to be...
Arbitrary Command Injection
Overview mcp-server-rijksmuseum is a Affected versions of this package are vulnerable to Arbitrary Command Injection via the openimageinbrowser function. An attacker can execute arbitrary operating system commands by manipulating the imageUrl argument remotely. Remediation There is no fixed versi...
CVE-2026-7653
A security flaw has been discovered in r-huijts mcp-server-rijksmuseum up to 1.0.4. Affected is the function openimageinbrowser of the file src/index.ts of the component MCP Interface. Performing a manipulation of the argument imageUrl results in os command injection. The attack is possible to be...
CVE-2026-7653
Affected product : r-huijts mcp-server-rijksmuseum (MCP Interface) up to 1.0.4. Vulnerable component/function : open_image_in_browser in src/index.ts. Vulnerability : Performing a manipulation of the argument imageUrl results in an OS command injection. The attack can be carried out remotely (net...
CVE-2026-7653 r-huijts mcp-server-rijksmuseum MCP index.ts open_image_in_browser os command injection
A security flaw has been discovered in r-huijts mcp-server-rijksmuseum up to 1.0.4. Affected is the function openimageinbrowser of the file src/index.ts of the component MCP Interface. Performing a manipulation of the argument imageUrl results in os command injection. The attack is possible to be...
Rijksmuseum MCP Server 命令注入漏洞
Rijksmuseum MCP Server is a natural language query tool for museum collections developed by R. Huijts. Versions of Rijksmuseum MCP Server 1.0.4 and earlier had a command injection vulnerability. This vulnerability stemmed from the operation of the openimageinbrowser function in the src/index.ts...
EUVD-2008-4648
Malware in sbrugna...
sd-webui-infinite-image-browsing security vulnerability
sd-webui-infinite-image-browsing is an image browser by zanllp personal developer. A security vulnerability exists in versions prior to sd-webui-infinite-image-browsing 977815a, which stems from a vulnerability that allows a remote attacker to obtain local files if Gradio authentication is enable...
HCView WriteAV Crash PoC
No description provided by source. !/usr/bin/perl Hardcoreview WriteAV Arbitrary Code Execution Author: Jean Pascal Pereira [email protected] Vendor URI: http://sourceforge.net/projects/hardcoreview/ Vendor Description: Image browser. Designed and created for profesional and amature watching imag...
Hardcoreview WriteAV Arbitrary Code Execution
!/usr/bin/perl Hardcoreview WriteAV Arbitrary Code Execution Author: Jean Pascal Pereira [email protected] Vendor URI: http://sourceforge.net/projects/hardcoreview/ Vendor Description: Image browser. Designed and created for profesional and amature watching image files. All kind of image files...
HCView - WriteAV Crash (PoC)
HCView - WriteAV Crash PoC !/usr/bin/perl Hardcoreview WriteAV Arbitrary Code Execution Author: Jean Pascal Pereira Vendor URI: http://sourceforge.net/projects/hardcoreview/ Vendor Description: Image browser. Designed and created for profesional and amature watching image files. All kind of image...
HCView - WriteAV Crash (PoC)
!/usr/bin/perl Hardcoreview WriteAV Arbitrary Code Execution Author: Jean Pascal Pereira Vendor URI: http://sourceforge.net/projects/hardcoreview/ Vendor Description: Image browser. Designed and created for profesional and amature watching image files. All kind of image files ; . Support .jpg,...
HCView WriteAV Crash Proof Of Concept
!/usr/bin/perl Hardcoreview WriteAV Arbitrary Code Execution Author: Jean Pascal Pereira Vendor URI: http://sourceforge.net/projects/hardcoreview/ Vendor Description: Image browser. Designed and created for profesional and amature watching image files. All kind of image files ; . Support .jpg,...
Hardcorereview WriteAV Arbitrary Code Execution
!/usr/bin/perl Hardcoreview WriteAV Arbitrary Code Execution Author: Jean Pascal Pereira Vendor URI: http://sourceforge.net/projects/hardcoreview/ Vendor Description: Image browser. Designed and created for profesional and amature watching image files. All kind of image files ; . Support .jpg,...
Hardcoreview WriteAV Arbitrary Code Execution Vulnerability
Exploit for windows platform in category local exploits !/usr/bin/perl Hardcoreview WriteAV Arbitrary Code Execution Author: Jean Pascal Pereira Vendor URI: http://sourceforge.net/projects/hardcoreview/ Vendor Description: Image browser. Designed and created for profesional and amature watching...
apple ios4.x 拒绝服务漏洞
利用IOS系统自带图片浏览器,浏览特定的图片时,会造成系统卡死,只能强制关机 ios4.x 厂商补丁: Apple ----- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.apple.com 下载 http://h4cker.us/0day.jpg 然后利用苹果的iTunes导入手机,用系统自带图片浏览器访问图片。...
CVE-2008-4668
Directory traversal vulnerability in the Image Browser comimagebrowser 0.1.5 component for Joomla! allows remote attackers to include and execute arbitrary local files via a .. dot dot in the folder parameter to index.php...
Directory traversal
Directory traversal vulnerability in the Image Browser comimagebrowser 0.1.5 component for Joomla! allows remote attackers to include and execute arbitrary local files via a .. dot dot in the folder parameter to index.php...
CVE-2008-4668
Joomla! Image Browser 0.1.5 rc2 is vulnerable to Local File Inclusion. The issue arises in com_imagebrowser where a crafted value in the folder parameter of index.php (…/index.php?option=com_imagebrowser&folder=..) can cause the system to include and execute arbitrary local files. Consequences in...