CVE-2020-2028

An OS Command Injection vulnerability in PAN-OS management server allows authenticated administrators to execute arbitrary OS commands with root privileges when uploading a new certificate in FIPS-CC mode. This issue affects: All versions of PAN-OS 7.1 and PAN-OS 8.0; PAN-OS 8.1 versions earlier...

CVE-2020-2029

An OS Command Injection vulnerability in the PAN-OS web management interface allows authenticated administrators to execute arbitrary OS commands with root privileges by sending a malicious request to generate new certificates for use in the PAN-OS configuration. This issue affects: All versions ...

CVE-2020-2029

An OS Command Injection vulnerability in the PAN-OS web management interface allows authenticated administrators to execute arbitrary OS commands with root privileges by sending a malicious request to generate new certificates for use in the PAN-OS configuration. This issue affects: All versions ...

Command injection

An OS Command Injection vulnerability in the PAN-OS web management interface allows authenticated administrators to execute arbitrary OS commands with root privileges by sending a malicious request to generate new certificates for use in the PAN-OS configuration. This issue affects: All versions ...

CVE-2020-2029

CVE-2020-2029 is an OS command injection vulnerability in PAN-OS web management interface. Authenticated administrators can execute arbitrary OS commands with root privileges by sending a malicious request to generate new certificates for PAN-OS configuration. Affected are PAN-OS 8.0 (all version...

CVE-2020-2028

CVE-2020-2028 describes an OS command injection vulnerability in Palo Alto Networks PAN-OS management server that allows authenticated administrators to execute arbitrary commands with root privileges when uploading a new certificate in FIPS-CC mode. Affected products/versions are PAN-OS 7.1.x, a...

CVE-2020-2028 PAN-OS: OS command injection vulnerability in FIPS-CC mode certificate verification

An OS Command Injection vulnerability in PAN-OS management server allows authenticated administrators to execute arbitrary OS commands with root privileges when uploading a new certificate in FIPS-CC mode. This issue affects: All versions of PAN-OS 7.1 and PAN-OS 8.0; PAN-OS 8.1 versions earlier...

CVE-2020-13978

Monstra CMS 3.0.4 allows an attacker, who already has administrative access to modify .chunk.php files on the Edit Chunk screen, to execute arbitrary OS commands via the Theme Module by visiting the admin/index.php?id=themes&action=editchunk URI. NOTE: there is no indication that the Edit Chunk...

CVE-2020-13978

Monstra CMS 3.0.4 allows an attacker, who already has administrative access to modify .chunk.php files on the Edit Chunk screen, to execute arbitrary OS commands via the Theme Module by visiting the admin/index.php?id=themes&action=editchunk URI. NOTE: there is no indication that the Edit Chunk...

CVE-2020-13978

Monstra CMS 3.0.4 is affected by a command-injection style issue: an attacker with existing administrative access can modify .chunk.php files via the Edit Chunk screen and trigger arbitrary OS commands through the Theme Module by visiting admin/index.php?id=themes&action=edit_chunk. The Red Hat/R...

Cayin Signage Media Player 3.0 Root Remote Command Injection

Summary CAYIN Technology provides Digital Signage solutions, including media players, servers, and software designed for the DOOH Digital Out-of-home networks. We develop industrial-grade digital signage appliances and tailored services so you don't have to do the hard work. Description CAYIN...

Cayin Content Management Server 11.0 Root Remote Command Injection

Summary CAYIN Technology provides Digital Signage solutions, including media players, servers, and software designed for the DOOH Digital Out-of-home networks. We develop industrial-grade digital signage appliances and tailored services so you don't have to do the hard work. Description CAYIN CMS...

Cayin Signage Media Player 3.0 Root Remote Command Injection

!/usr/bin/env python3 Cayin Signage Media Player 3.0 Root Remote Command Injection Vendor: CAYIN Technology Co., Ltd. Product web page: https://www.cayintech.com Affected version: SMP-8000QD v3.0 SMP-8000 v3.0 SMP-6000 v3.0 Build 19025 SMP-6000 v1.0 Build 14246 SMP-6000 v1.0 Build 14199 SMP-6000...

bakersdrivethru.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1182912 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

CVE-2020-2200

Jenkins Play Framework Plugin 1.0.2 and earlier lets users specify the path to the play command on the Jenkins master for a form validation endpoint, resulting in an OS command injection vulnerability exploitable by users able to store such a file on the Jenkins master...

CVE-2020-2200

Jenkins Play Framework Plugin 1.0.2 and earlier lets users specify the path to the play command on the Jenkins master for a form validation endpoint, resulting in an OS command injection vulnerability exploitable by users able to store such a file on the Jenkins master...

CVE-2020-2200

Jenkins Play Framework Plugin 1.0.2 and earlier lets users specify the path to the play command on the Jenkins master for a form validation endpoint, resulting in an OS command injection vulnerability exploitable by users able to store such a file on the Jenkins master...

CVE-2020-2200

CVE-2020-2200 concerns the Jenkins Play Framework Plugin (versions 1.0.2 and earlier). The issue arises when a form validation endpoint lets users specify the path to the play command on the Jenkins master, enabling an OS command injection vulnerability exploitable by users who can place a file o...

Exploit for OS Command Injection in Exim

Exim CVE Data Collection Data Collection Related to Exim Vuln...

Exploit for OS Command Injection in Opmantek Open-Audit

CVE-2020-12078 The offi...