PC-EGG pWebManager OS Command Injection Vulnerability

PC-EGG pWebManager is a set of static HTML homepage template tool based on PHP language . A security vulnerability exists in PC-EGG pWebManager versions prior to 3.3.10 and pWebManager for PHP4 versions prior to 2.2.2. A remote attacker can exploit this vulnerability to execute arbitrary OS...

CVE-2015-7774

PC-EGG pWebManager before 3.3.10, and before 2.2.2 for PHP 4.x, allows remote authenticated users to execute arbitrary OS commands by leveraging the editor role...

Design/Logic Flaw

PC-EGG pWebManager before 3.3.10, and before 2.2.2 for PHP 4.x, allows remote authenticated users to execute arbitrary OS commands by leveraging the editor role...

CVE-2015-7774

PC-EGG pWebManager is affected by OS command injection (CWE-78) that can be triggered by a user with editor permissions. Vulnerable versions include pWebManager before 3.3.10 and pWebManager for PHP4 before 2.2.2. A remote authenticated editor can execute arbitrary OS commands on the server. Conn...

CVE-2015-7774

PC-EGG pWebManager before 3.3.10, and before 2.2.2 for PHP 4.x, allows remote authenticated users to execute arbitrary OS commands by leveraging the editor role...

JVN#25323093: pWebManager vulnerable to OS command injection

pWebManager provided by PC-EGG Co.,Ltd. contains an OS command injection vulnerability CWE-78. Impact An arbitrary OS command may be executed on the server by a user logged in with editor permissions. Solution Update the Software Update to the latest version according to the information provided ...