9789 matches found
CVE-2020-2000 PAN-OS: OS command injection and memory corruption vulnerability
An OS command injection and memory corruption vulnerability in the PAN-OS management web interface that allows authenticated administrators to disrupt system processes and potentially execute arbitrary code and OS commands with root privileges. This issue impacts: PAN-OS 8.1 versions earlier than...
PAN-OS: OS command injection and memory corruption vulnerability
An OS command injection and memory corruption vulnerability in the PAN-OS management web interface that allows authenticated administrators to disrupt system processes and potentially execute arbitrary code and OS commands with root privileges. Work around: Until PAN-OS software is upgraded to a...
Exploit for OS Command Injection in Webmin
CVE-2019-15107 Python implementation of CVE-2019-15107 Webm...
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2020-2460)
The remote host is missing an update for the Huawei EulerOS...
Exploit for OS Command Injection in Oscommerce
PoC exploit for CVE-2020-27976, an authenticated remote code exe...
OS Command Injection
vizion is vulnerable to OS command injection. An attacker is able to inject and execute arbitrary OS commands via the revertTo function in vizion.js through the revision parameter...
CVE-2020-27976
osCommerce Phoenix CE before 1.0.5.4 allows OS command injection remotely. Within admin/mail.php, a from POST parameter can be passed to the application. This affects the PHP mail function, and the sendmail -f option...
OS Command Injection
gfc is vulnerable to OS command injection. The vulnerability exists through the lack of sanitization of the options argument which leads to passing of untrusted user input to an exec function call...
OS Command Injection
systeminformation is vulnerable to OS command injection. The inetChecksite, services, inetLatency, networkStats and processLoad functions allow an attacker to inject and execute arbitrary OS commands due to insufficient sanitization...
OS Command Injection
systeminformation is vulnerable to OS command injection. The inetChecksite function allows an attacker to inject and execute arbitrary OS commands via curl parameters...
Nagios XI OS Command Injection Vulnerability (CNVD-2020-58765)
Nagios XI and Nagios are both products of Nagios, Inc. Nagios XI is an IT infrastructure monitoring solution. The solution supports monitoring and alerting of applications, services, operating systems, etc. Nagios is an open source, free network monitoring tool. A security vulnerability exists in...
CVE-2020-5791
Improper neutralization of special elements used in an OS command in Nagios XI 5.7.3 allows a remote, authenticated admin user to execute operating system commands with the privileges of the apache user...
CVE-2020-5791
Nagios XI 5.7.3 contains a CVE-2020-5791 OS command injection in the admin/mibs.php path. An authenticated admin user can exploit improper neutralization of input to execute OS commands with the privileges of the apache (or equivalent webserver) user, enabling remote code execution. Affected prod...
SAP Solution Manager and SAP Focused Run Operating System Command Injection Vulnerability
SAP Solution Manager is a system management platform that integrates multiple functions such as system monitoring, SAP support desktop, self-service, and ASAP implementation. The platform can help customers establish SAP solution lifecycle management, and provide system monitoring, remote support...
OS Command Injection
freespace is vulnerable to OS command injection. An attacker is able to inject and execute arbitrary OS commands on the host OS using delimiters such as ; and &&...
CVE-2020-6364 — OS Command Injection Vulnerability in CA Introscope Enterprise Manager (Affected Products: SAP Solution Manager and SAP Focused Run)
SAP Solution Manager and SAP Focused Run update provided in WILYINTROENTERPRISE 9.7, 10.1, 10.5, 10.7, allows an attacker to modify a cookie in a way that OS commands can be executed and potentially gain control over the host running the CA Introscope Enterprise Manager, leading to Code Injection...
VulnCheck KEV: CVE-2020-1956
Apache Kylin contains an OS command injection vulnerability which could permit an attacker to perform remote code execution...
SAP Releases October 2020 Security Updates
SAP has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. This includes an OS command injection vulnerability CVE-2020-6364 affecting SAP Solution Manager and SAP Focused...
Crafter CMS Dynamic Management Code Resource Miscontrol Vulnerability
Crafter CMS is an open source content management system for websites, mobile apps, VR and more. A Dynamic Management Code Resource Miscontrol vulnerability exists in Crafter Studio in Crafter CMS. An attacker can exploit this vulnerability to execute OS commands via objects exposed by FreeMarker...
Security Bulletin: IBM Security Guardium is affected by an OS Command Injection vulnerabilities
Summary IBM Security Guardium has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2020-4183 DESCRIPTION: IBM Security Guardium is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intend...