UBUNTU-CVE-2021-28941

Because of no validation on a curl command in MagpieRSS 0.72 in the /extlib/Snoopy.class.inc file, when you send a request to the /scripts/magpiedebug.php or /scripts/magpiesimple.php page, it's possible to request any internal page if you use a https request...

Nagios XI Magpie_debug.php Root Remote Code Execution Exploit

This Metasploit module exploits two vulnerabilities in Nagios XI 5.5.6. One allows for unauthenticated remote code execution and another allows for local privilege escalation. When combined, these two vulnerabilities give us a root reverse shell. This module requires Metasploit:...

Nagios XI Magpie_debug.php Root Remote Code Execution

This module exploits two vulnerabilities in Nagios XI 'Nagios XI Magpiedebug.php Root Remote Code Execution', 'Description' = %q This module exploits two vulnerabilities in Nagios XI MSFLICENSE, 'Author' = 'Chris Lyne @lynerc', Discovery and exploit 'Guillaume André @yaumn', Metasploit module...

Nagios XI Magpie_debug.php Root Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Nagios XI Magpiedebug.php Root Remote Code Execution", 'Description' = %q This module exploits two vulnerabilities in Nagios XI 5.5.6:...

blogBuddies 0.3 magpie_debug.php url Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/15555/info blogBuddies is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to hav...

CVE-2010-4825

CVE-2010-4825 is a reflected XSS in the WordPress Twitter Feed plugin (wp-twitter-feed) version 0.3.1, arising from magpie_debug.php. The vulnerability allows remote attackers to inject arbitrary web script or HTML by supplying a crafted value in the url parameter, which is reflected in the gener...

WordPress Twitter Feed Plugin <= 0.3.1 - XSS

Because of this vulnerability in magpiedebug.php, the attackers can inject arbitrary web script or HTML via the "url" parameter. Solution Update the plugin...

RunCMS 2.1 - magpie_debug.php Cross-Site Scripting

RunCMS 2.1 - magpiedebug.php Cross-Site Scripting source: https://www.securityfocus.com/bid/41551/info RunCms is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

CVE-2005-3955

Multiple cross-site scripting XSS vulnerabilities in MagpieRSS 7.1, as used in a blogBuddiesv 0.3, b Jaws 0.6.2, and possibly other products, allow remote attackers to inject arbitrary web script or HTML via the 1 url parameter to a magpiedebug.php and 2 rssurl parameter to b magpieslashbox.php a...

blogBuddies 0.3 - &#039;magpie_debug.php?url&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/15555/info blogBuddies is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed i...