CVE-2026-44128

SEPPmail Secure Email Gateway before version 15.0.2.1 allows unauthenticated remote code execution in the new GINA UI because an endpoint passes attacker-controlled input from a parameter to Perl's eval...

CVE-2026-44128

CVE-2026-44128 affects SEPPmail Secure Email Gateway prior to version 15.0.2.1. The root cause is unauthenticated remote code execution caused by passing attacker-controlled input from a parameter to Perl’s eval in the new GINA UI. This leads to full compromise without authentication, as indicate...

CVE-2026-44128 Unauthenticated Remote Code Execution

SEPPmail Secure Email Gateway before version 15.0.2.1 allows unauthenticated remote code execution in the new GINA UI because an endpoint passes attacker-controlled input from a parameter to Perl's eval...

CVE-2026-44128 Unauthenticated Remote Code Execution

SEPPmail Secure Email Gateway before version 15.0.2.1 allows unauthenticated remote code execution in the new GINA UI because an endpoint passes attacker-controlled input from a parameter to Perl's eval...

PT-2026-38960

Name of the Vulnerable Software and Affected Versions SEPPmail Secure Email Gateway versions prior to 15.0.2.1 Description The new GINA UI contains a flaw that allows unauthenticated remote code execution. This occurs because an endpoint passes attacker-controlled input from a parameter to the Pe...

TWiki Debugenableplugins Remote Code Execution Exploit

TWiki versions 4.0.x through 6.0.0 contain a vulnerability in the Debug functionality. The value of the debugenableplugins parameter is used without proper sanitization in an Perl eval statement which allows remote code execution. This module requires Metasploit: http://metasploit.com/download...

TWiki Debugenableplugins - Remote Code Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'TWiki Debugenableplugins Remote Code Execution', 'Description' = %q TWiki 4.0.x-6.0.0 contains a vulnerability in the Debug...

TWiki Debugenableplugins Remote Code Execution

TWiki 4.0.x-6.0.0 contains a vulnerability in the Debug functionality. The value of the debugenableplugins parameter is used without proper sanitization in an Perl eval statement which allows remote code execution. This module requires Metasploit: https://metasploit.com/download Current source:...

TWiki MAKETEXT Remote Command Execution Vulnerability

Exploit for unix platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core'...

Foswiki MAKETEXT - Remote Command Execution (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Foswiki MAKETEXT Remote Command...

CVE-2002-1753

csNewsPro.cgi in CGIScript.net csNews Professional csNewsPro allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function...

CVE-2002-1752

csChatRBox.cgi in CGIScript.net csChat-R-Box allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function...

CVE-2003-0770

FUNC.pm in IkonBoard 3.1.2a and earlier, including 3.1.1, does not properly cleanse the "lang" cookie when it contains illegal characters, which allows remote attackers to execute arbitrary code when the cookie is inserted into a Perl "eval" statement...

Ikonboard FUNC.pm lang Cookie Arbitrary Command Execution

The remote server is running IkonBoard, a forum management CGI. The installed version fails to properly sanitize the 'lang' cookie when it contains illegal characters. An attacker, exploiting this flaw, could execute arbitrary code on the remote host when the cookie is inserted into a Perl 'eval'...

CVE-2002-1753

csNewsPro.cgi in CGIScript.net csNews Professional csNewsPro allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function...

PT-2002-2472 · Cgiscript.Net · Cgiscript.Net Csguestbook

Name of the Vulnerable Software and Affected Versions: CGISCRIPT.NET csGuestbook version 1.0 Description: The issue allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function. This can be exploited through the /csGuestbook.cgi API...