10 matches found
CVE-2024-58298
Compuware iStrobe Web 20.13 contains a pre-authentication remote code execution vulnerability that allows unauthenticated attackers to upload malicious JSP files through a path traversal in the file upload form. Attackers can exploit the 'fileName' parameter to upload a web shell and execute...
EUVD-2024-55333
Compuware iStrobe Web 20.13 contains a pre-authentication remote code execution vulnerability that allows unauthenticated attackers to upload malicious JSP files through a path traversal in the file upload form. Attackers can exploit the 'fileName' parameter to upload a web shell and execute...
CVE-2024-58298
Compuware iStrobe Web 20.13 contains a pre-authentication remote code execution vulnerability that allows unauthenticated attackers to upload malicious JSP files through a path traversal in the file upload form. Attackers can exploit the 'fileName' parameter to upload a web shell and execute...
CVE-2024-58298 Compuware iStrobe Web 20.13 Pre-Auth Remote Code Execution via File Upload
Compuware iStrobe Web 20.13 contains a pre-authentication remote code execution vulnerability that allows unauthenticated attackers to upload malicious JSP files through a path traversal in the file upload form. Attackers can exploit the 'fileName' parameter to upload a web shell and execute...
CVE-2024-58298
CVE-2024-58298 – Compuware iStrobe Web 20.13 is confirmed to have a pre-authentication remote code execution vulnerability due to a path-traversal in the file upload form. The issue allows unauthenticated attackers to upload JSP files via the fileName parameter, effectively uploading a web shell ...
Compuware iStrobe Web 代码问题漏洞
Compuware iStrobe Web is a mainframe performance analysis and optimization tool from Compuware Corporation. A code issue vulnerability exists in Compuware iStrobe Web version 20.13, which arises from a path traversal in the file upload form that could result in the upload of a JSP webshell and th...
PT-2025-50752
Compuware iStrobe Web 20.13 contains a pre-authentication remote code execution vulnerability that allows unauthenticated attackers to upload malicious JSP files through a path traversal in the file upload form. Attackers can exploit the 'fileName' parameter to upload a web shell and execute...
BMC Software Compuware iStrobe Web 安全漏洞
BMC Software Compuware iStrobe Web is a product from BMC Software designed for use on workstations in conjunction with the Strobe MVS Application Performance Measurement System. A security vulnerability exists in BMC Software Compuware iStrobe Web version 20.13 that stems from a remote shell uplo...
BMC Compuware iStrobe Web 20.13 Shell Upload
!/usr/bin/env python3 Exploit Title: Pre-auth RCE on Compuware iStrobe Web Date: 01-08-2023 Exploit Author: trancap Vendor Homepage: https://www.bmc.com/ Version: BMC Compuware iStrobe Web - 20.13 Tested on: zOS CVE : CVE-2023-40304 To exploit this vulnerability you'll need "Guest access" enabled...
BMC Compuware iStrobe Web - 20.13 - Pre-auth Remote Code Execution Exploit
!/usr/bin/env python3 Exploit Title: Pre-auth RCE on Compuware iStrobe Web Date: 01-08-2023 Exploit Author: trancap Vendor Homepage: https://www.bmc.com/ Version: BMC Compuware iStrobe Web - 20.13 Tested on: zOS CVE : CVE-2023-40304 To exploit this vulnerability you'll need "Guest access" enabled...