Exploit for OS Command Injection in Siemens Brownfield_Connectivity_Gateway
CVE-2022-1292 POC (POC screenshot: https://user-images.github...)
OS Command Injection
rack is vulnerable to OS command injection. The vulnerability exists in log function in CommonLogger and Lint middleware because of the escape sequences which allows an attacker to execute shell commands...
Exploit for OS Command Injection in Zyxel Usg_Flex_100W_Firmware
CVE-2022-30525 Zyxel Firewall Command Injection Vulnerability...
sharp OS command injection vulnerability
sharp is a program by the individual developers at lovell for converting large images in common formats into smaller, web-friendly JPEG, PNG, WebP, GIF and AVIF images of different sizes. An operating system command injection vulnerability exists in versions prior to sharp 0.30.5. An attacker can...
GHSA-CJ7G-H7RF-H8J9 Apache Superset OS Command Injection
While investigating a bug report on Apache Superset, it was determined that an authenticated user could craft requests via a number of templated text fields in the product that would allow arbitrary access to Python’s os package in the web application process in versions 0.37.1. It was thus...
Magento OS Command Injection
Magento versions 2.4.1 and earlier, 2.4.0-p1 and earlier and 2.3.6 and earlier are vulnerable to OS command injection via the scheduled operation module. Successful exploitation could lead to arbitrary code execution by an authenticated attacker. Access to the admin console is required for...
GHSA-W2P4-2C8C-2G7H Magento OS command injection via the customer attribute save controller
Magento versions 2.4.1 and earlier, 2.4.0-p1 and earlier and 2.3.6 and earlier are vulnerable to an OS command injection via the customer attribute save controller. Successful exploitation could lead to arbitrary code execution by an authenticated attacker. Access to the admin console is required...
GHSA-38F9-4VHQ-9CR8 Zen Cart vulnerable to authenticated remote code execution
Zen Cart 1.5.7b allows admins to execute arbitrary OS commands by inspecting an HTML radio input element within the modules edit page and inserting a command...
GHSA-JQ84-6FMM-6QV6 OS command execution vulnerability in Perfecto Plugin
Perfecto Plugin allows specifying Perfecto Connect Path and Perfecto Connect File Name in job configurations. This command is executed on the Jenkins controller in Perfecto Plugin 1.17 and earlier, allowing attackers with Job/Configure permission to run arbitrary commands on the Jenkins controlle...
Node-Traceroute RCE Vulnerability
The traceroute aka node-traceroute package through 1.0.0 for Node.js allows remote command injection via the host parameter. This occurs because the Child.exec method, which is considered to be not entirely safe, is used. In particular, an OS command can be placed after a newline character...
GHSA-H5MV-FV98-GQMQ OS command injection vulnerability in Jenkins Play Framework Plugin
A form validation endpoint in Play Framework Plugin executes the play command to validate a given input file. Play Framework Plugin 1.0.2 and earlier lets users specify the path to the play command on the Jenkins controller. This results in an OS command injection vulnerability exploitable by use...
GHSA-RP4X-XPGF-4XV7 Complete lack of CSRF protection in Jenkins Selenium Plugin can lead to OS command injection
Selenium Plugin 3.141.59 and earlier has no CSRF protection for its HTTP endpoints. This allows attackers to perform the following actions: - Restart the Selenium Grid hub. - Delete or replace the plugin configuration. - Start, stop, or restart Selenium configurations on specific nodes. Through...
chrome-launcher subject to OS Command Injection
chrome-launcher prior to 0.13.2 is subject to OS Command Injection via the $HOME environment variable in Linux operating systems. This issue is patched in version 0.13.2...
GHSA-8CXP-CJM8-FJ36 Improper Neutralization of Special Elements used in an OS Command in Blamer
Blamer versions prior to 1.0.1 allow execution of arbitrary commands. It is possible to inject arbitrary commands as part of the arguments provided to blamer...