CVE-2020-13694

Technical details for CVE-2020-13694 are not provided in the connected documents; the available sources lack affected product/version/impact specifics beyond the initial description. Monitor for updates.

OS Command Injection

jison is vulnerable to OS Command Injection. The vulnerability exists as it does not properly handle the command argument which is used in childprocess.exec...

OS Command Injection

dns-sync is vulnerable to OS command injection. A remote attacker is able to inject and execute arbitrary OS command via a malicious URL...

Online Discussion Forum Site 1.0 - Remote Code Execution

Online Discussion Forum Site version 1.0 suffers from a remote code execution vulnerability. Exploit Title: Online Discussion Forum Site 1.0 - Remote Code Execution Google Dork: N/A Date: 2020-05-24 Exploit Author: Selim Enes 'Enesdex' Karaduman Vendor Homepage:...

Design/Logic Flaw

VIVOTEK Network Cameras before XXXXX-VVTK-2.2002.xx.01x and before XXXXX-VVTK-0XXXXBeta2 allows an authenticated user to upload and execute a script with resultant execution of OS commands. For example, this affects IT9388-HT devices...

CVE-2019-20807

CVE-2019-20807 affects Vim prior to 8.1.0881, where a user can bypass the rvim restricted mode and run arbitrary OS commands via scripting interfaces (e.g., Python, Ruby, Lua). Affected product: Vim (Unix/Linux environments). Root cause: restricted-mode bypass enabling execution of external comma...

CVE-2019-20807

In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces e.g., Python, Ruby, or Lua...

: Pydio Cells 2.04 Multiple Vulnerabilities

1. Advisory Information Title : Pydio Cells 2.04 Multiple Vulnerabilities Advisory ID : CORE-2020-0007 Advisory URL : https://www.coresecurity.com/core-labs/advisories/pydio-cells-204-multiple-vulnerabilities Date published : 2020-05-28 Date of last update : 2020-05-28 Vendors contacted : Pydio...

Online Discussion Forum Site 1.0 - Remote Code Execution Vulnerability

Exploit for php platform in category web applications Exploit Title: Online Discussion Forum Site 1.0 - Remote Code Execution Exploit Author: Selim Enes 'Enesdex' Karaduman Vendor Homepage: https://www.sourcecodester.com/php/14233/online-discussion-forum-site.html Software Link:...

Online Discussion Forum Site 1.0 Remote Code Execution

Exploit Title: Online Discussion Forum Site 1.0 - Remote Code Execution Google Dork: N/A Date: 2020-05-24 Exploit Author: Selim Enes 'Enesdex' Karaduman Vendor Homepage: https://www.sourcecodester.com/php/14233/online-discussion-forum-site.html Software Link:...

Online Discussion Forum Site 1.0 - Remote Code Execution

Exploit Title: Online Discussion Forum Site 1.0 - Remote Code Execution Google Dork: N/A Date: 2020-05-24 Exploit Author: Selim Enes 'Enesdex' Karaduman Vendor Homepage: https://www.sourcecodester.com/php/14233/online-discussion-forum-site.html Software Link:...

CVE-2020-13388

An exploitable vulnerability exists in the configuration-loading functionality of the jw.util package before 2.3 for Python. When loading a configuration with FromString or FromStream with YAML, one can execute arbitrary Python code, resulting in OS command execution, because safeload is not used...

Design/Logic Flaw

An exploitable vulnerability exists in the configuration-loading functionality of the jw.util package before 2.3 for Python. When loading a configuration with FromString or FromStream with YAML, one can execute arbitrary Python code, resulting in OS command execution, because safeload is not used...

PYSEC-2020-341

An exploitable vulnerability exists in the configuration-loading functionality of the jw.util package before 2.3 for Python. When loading a configuration with FromString or FromStream with YAML, one can execute arbitrary Python code, resulting in OS command execution, because safeload is not used...

CVE-2020-13388

An exploitable vulnerability exists in the configuration-loading functionality of the jw.util package before 2.3 for Python. When loading a configuration with FromString or FromStream with YAML, one can execute arbitrary Python code, resulting in OS command execution, because safeload is not used...

CVE-2020-13388

The vulnerability CVE-2020-13388 affects the Python jw.util package prior to version 2.3. It arises in the configuration-loading functionality when parsing YAML via FromString/FromStream, because safe_load is not used, allowing an attacker to execute arbitrary Python code and potentially achieve ...

CVE-2020-1956

Apache Kylin 2.3.0, and releases up to 2.6.5 and 3.0.1 has some restful apis which will concatenate os command with the user input string, a user is likely to be able to execute any os command without any protection or validation...

CVE-2020-1956

Apache Kylin 2.3.0, and releases up to 2.6.5 and 3.0.1 has some restful apis which will concatenate os command with the user input string, a user is likely to be able to execute any os command without any protection or validation...

CVE-2020-1956

Apache Kylin 2.3.0, and releases up to 2.6.5 and 3.0.1 has some restful apis which will concatenate os command with the user input string, a user is likely to be able to execute any os command without any protection or validation...

CVE-2020-1956

Apache Kylin CVE-2020-1956 affects 2.3.0 and releases up to 2.6.5 and 3.0.1, where REST APIs concatenate user input into OS commands, enabling likely remote code execution with high impact. Connected documents confirm vulnerable versions and the underlying command injection in the REST layer; som...