EUVD-2017-15029

Malware in sbrugna...

Phalcon Eye Arbitrary Code Execution Vulnerability

Phalcon is an extension implemented in C. Foreman is a set of lifecycle management tools for use in physical and virtual servers. The tools provide features such as service provisioning, configuration management, and reporting status. An arbitrary code execution vulnerability exists in Phalcon Ey...

CVE-2017-5960

An issue was discovered in Phalcon Eye through 0.4.1. The vulnerability exists due to insufficient filtration of user-supplied data in multiple HTTP GET parameters passed to the "phalconeye-master/public/external/pydio/plugins/editor.webodf/frame.php" URL. An attacker could execute arbitrary HTML...

Authorization

An issue was discovered in Phalcon Eye through 0.4.1. The vulnerability exists due to insufficient filtration of user-supplied data in multiple HTTP GET parameters passed to the "phalconeye-master/public/external/pydio/plugins/editor.webodf/frame.php" URL. An attacker could execute arbitrary HTML...

CVE-2017-5960

An issue was discovered in Phalcon Eye through 0.4.1. The vulnerability exists due to insufficient filtration of user-supplied data in multiple HTTP GET parameters passed to the "phalconeye-master/public/external/pydio/plugins/editor.webodf/frame.php" URL. An attacker could execute arbitrary HTML...

CVE-2017-5960

CVE-2017-5960 affects Phalcon Eye up to version 0.4.1. The issue stems from insufficient filtration of user-supplied data in multiple HTTP GET parameters passed to phalconeye-master/public/external/pydio/plugins/editor.webodf/frame.php, enabling an attacker to cause the browser to execute arbitra...

CVE-2017-5960

An issue was discovered in Phalcon Eye through 0.4.1. The vulnerability exists due to insufficient filtration of user-supplied data in multiple HTTP GET parameters passed to the "phalconeye-master/public/external/pydio/plugins/editor.webodf/frame.php" URL. An attacker could execute arbitrary HTML...