7 matches found
CVE-2019-16701
pfSense through 2.3.4 through 2.4.4-p3 allows Remote Code Injection via a methodCall XML document with a pfsense.execphp call containing shell metacharacters in a parameter value...
Code injection
pfSense through 2.3.4 through 2.4.4-p3 allows Remote Code Injection via a methodCall XML document with a pfsense.execphp call containing shell metacharacters in a parameter value...
CVE-2013-5005
CVE-2013-5005 describes multiple cross-site scripting (XSS) vulnerabilities in Tripwire Enterprise 8.2 and earlier, exploitable via ajaxRequest/methodCall.do. The vulnerability arises through the parameters m_target_class_name, m_target_method_name, or m_request_context_params, which could allow ...
XML-RPC PingBack API Remote DoS Exploit (through xmlrpc.php)
Exploit for php platform in category dos / poc Exploit Title: XML-RPC PingBack API Remote Denial of Service exploit through xmlrpc.php Date: 04/01/2013 Category: Remote Exploit Author: D35m0nd142 Tested on: Debian Linux !/usr/bin/perl use LWP::UserAgent; use HTTP::Request::Common; use...
Sql injection
SQL injection vulnerability in xmlrpc.php in WordPress 2.2 allows remote authenticated users to execute arbitrary SQL commands via a parameter value in an XML RPC wp.suggestCategories methodCall, a different vector than CVE-2007-1897...
CVE-2007-3140
SQL injection vulnerability in xmlrpc.php in WordPress 2.2 allows remote authenticated users to execute arbitrary SQL commands via a parameter value in an XML RPC wp.suggestCategories methodCall, a different vector than CVE-2007-1897...
CVE-2007-3140
SQL injection vulnerability in xmlrpc.php in WordPress 2.2 allows remote authenticated users to execute arbitrary SQL commands via a parameter value in an XML RPC wp.suggestCategories methodCall, a different vector than CVE-2007-1897...