nginxWebUI 操作系统命令注入漏洞

nginxWebUI is an nginx web configuration tool. An operating system command injection vulnerability exists in nginxWebUI, which stems from the file parameter of the /adminPage/main/upload file failing to properly filter constructed command special characters, commands, and so on. An attacker can...

PT-2024-27508 · Unknown · Cym1102 Nginxwebui

Name of the Vulnerable Software and Affected Versions: cym1102 nginxWebUI versions up to 3.9.9 Description: A critical vulnerability has been found in cym1102 nginxWebUI. This issue affects the handlePath function of the file /adminPage/conf/saveCmd. The manipulation of the nginxPath argument lea...

nginxWebUI 代码问题漏洞

nginxWebUI is an nginx web configuration tool. A deserialization vulnerability exists in nginxWebUI version 3.9.9, which originates from the unsafe deserialization of the nginxExe parameter of the /adminPage/conf/reload file when receiving serialized data submitted by a user, and can be exploited...

PT-2024-27516 · Unknown · Cym1102 Nginxwebui

Name of the Vulnerable Software and Affected Versions: cym1102 nginxWebUI versions up to 3.9.9 Description: A critical vulnerability was found in the cym1102 nginxWebUI, affecting unknown code of the file /adminPage/main/upload. The manipulation of the argument file leads to os command injection...

Command execution vulnerability in nginxWebUI

nginxWebUI is an open source tool for the web. A command execution vulnerability exists in nginxWebUI. An attacker can exploit the vulnerability to execute arbitrary system commands...