os/exec: Unexpected paths returned from LookPath in os/exec

A path handling flaw has been discovered in the os/exec go package. If the PATH environment variable contains paths which are executables rather than just directories, passing certain strings to LookPath "", ".", and "..", can result in the binaries listed in the PATH being unexpectedly returned...

Security update for go1.24-openssl

This security update of go1.24-openssl fixes the following issues: Update to version 1.24.6 cut from the go1.24-fips-release branch at the revision tagged go1.24.6-1-openssl-fips. Refs jscSLE-18320 Fix HKDF-Extract The latest OpenSSL in c9s/c10s requires nil salt to be passed as a hash length...

Command Injection

git-pull-or-clone is vulnerable to command injection. A remote attacker is able to inject malicious command-line arguments to be executed on the OS through the gitClone function via the --upload-pack feature of git...

PT-2022-2710 · Cisco · Cisco Iox +2

Name of the Vulnerable Software and Affected Versions: Cisco IOx affected versions not specified Description: The issue exists due to inadequate protection of the web page structure in the Cisco IOx application hosting environment on multiple Cisco platforms. This could allow an attacker to injec...

smartermail 7.3 & 7.4 - Multiple Vulnerabilities

No description provided by source. Author: Hoyt LLC Research | http://xss.cx | http://cloudscan.me Identified: October 28, 2010 Vendor: SmarterTools Application: SmarterMail 7.x Bugs: Stored XSS, Reflected XSS, Directory Traversal, File Upload Parameters, OS Execution, XML Injection, LDAP...

P.A.S. (php web-shell)

P.A.S. v.3.0.x Возможности : - Авторизация по кукам. - Шифрование шелла по вашему паролю сразу при скачивании. - Файловый менеджер : групповое удаление, перемещение, копирование, скачка и загрузка файлов и директорий. переименование и создание файлов и директорий. правка, просмотр, изменении...

SmarterMail 7.3 and 7.4 Multiple Vulnerabilities

Exploit for php platform in category web applications Vendor: SmarterTools Application: SmarterMail 7.x Bugs: Stored XSS, Reflected XSS, Directory Traversal, File Upload Parameters, OS Execution, XML Injection, LDAP Injection, DoS Patch: The Vendor has released SmarterMail Version 8 at URI...

SmarterMail 7.3/7.4 - Multiple Vulnerabilities

Author: Hoyt LLC Research | http://xss.cx | http://cloudscan.me Identified: October 28, 2010 Vendor: SmarterTools Application: SmarterMail 7.x Bugs: Stored XSS, Reflected XSS, Directory Traversal, File Upload Parameters, OS Execution, XML Injection, LDAP Injection, DoS Patch: The Vendor has...

SmarterMail 7.37.4 - Multiple Vulnerabilities

SmarterMail 7.37.4 - Multiple Vulnerabilities Author: Hoyt LLC Research | http://xss.cx | http://cloudscan.me Identified: October 28, 2010 Vendor: SmarterTools Application: SmarterMail 7.x Bugs: Stored XSS, Reflected XSS, Directory Traversal, File Upload Parameters, OS Execution, XML Injection,...