9 matches found

Nuclei
added yesterday, 149 views

Cacti cmd_realtime.php - Command Injection

Cacti provides an operational monitoring and fault management framework. A command injection vulnerability on the 1.3.x DEV branch allows any unauthenticated user to execute arbitrary commands on the server when the register_argc_argv option of PHP is On. In cmd_realtime.php line 119, the $poller_id used ...

CVSS 10, AI score 6.4, EPSS 0.93223
Exploits 4, References 5

RedhatCVE
added 2025/02/05 8:4 a.m., 7 views

CVE-2024-29895

Cacti provides an operational monitoring and fault management framework. A command injection vulnerability on the 1.3.x DEV branch allows any unauthenticated user to execute arbitrary commands on the server when the register_argc_argv option of PHP is On. In cmd_realtime.php line 119, the $poller_id used ...

CVSS 10, AI score 8.1, EPSS 0.93223
Exploits 4, References 1

NVD
added 2024/05/14 3:17 p.m., 18 views

CVE-2024-29895

Cacti provides an operational monitoring and fault management framework. A command injection vulnerability on the 1.3.x DEV branch allows any unauthenticated user to execute arbitrary commands on the server when the register_argc_argv option of PHP is On. In cmd_realtime.php line 119, the $poller_id used ...

CVSS 10, AI score 9.9, EPSS 0.93223
Exploits 4, References 4

CVE
added 2024/05/13 2:33 p.m., 98 views

CVE-2024-29895

CVE-2024-29895 affects Cacti 1.3.x DEV builds. The vulnerability is in cmd_realtime.php: when PHP is configured with register_argc_argv = On, the poller_id parameter is taken from $_SERVER['argv'] and can be controlled via URL, enabling unauthenticated command execution (RCE) on the server. The ...

CVSS 10, AI score 7.8, EPSS 0.93223
In wild, Exploits 4, References 4

Cvelist
added 2024/05/13 2:33 p.m., 38 views

CVE-2024-29895 Cacti command injection in cmd_realtime.php

Cacti provides an operational monitoring and fault management framework. A command injection vulnerability on the 1.3.x DEV branch allows any unauthenticated user to execute arbitrary commands on the server when the register_argc_argv option of PHP is On. In cmd_realtime.php line 119, the $poller_id used ...

CVSS 10, AI score 10, EPSS 0.93223
Exploits 4, References 4

Veracode
added 2018/05/15 7:52 a.m., 7 views

Remote Code Execution (RCE)

buttle is vulnerable to remote code execution (RCE) attacks. The vulnerability exists due to the lack of sanitization of PHP filenames, allowing arbitrary code in the filename to be executed when run with the --php-bin option...

AI score 7.8
Exploits 0

seebug.org
added 2014/07/01 12:0 a.m., 15 views

WebSPELL <= 4.01.02 (picture.php) File Disclosure Vulnerability

No description provided by source. WebSPELL <= 4.01.02 (picture.php) Remote File Disclosure Vulnerability. Discovered by: Trex. Visit: www.Trex-Online.net / www.UnderGround.ag. Comment: Happy easter! ...

AI score 7.1
Exploits 0

Saint
added 2006/06/23 12:0 a.m., 40 views

BASE base_qry_common.php file include

Added: 06/23/2006. CVE: CVE-2006-2685. BID: 18298. OSVDB: 25770. Background: Snort is an open-source intrusion detection system. The Basic Analysis and Security Engine (BASE) is a web interface for analyzing Snort results. Problem: If the register_globals PHP option is enabled, the base_qry_common.php scrip...

CVSS 4, AI score 6.5, EPSS 0.85605
Exploits 11

Saint
added 2006/06/23 12:0 a.m., 29 views

BASE base_qry_common.php file include

Added: 06/23/2006. CVE: CVE-2006-2685. BID: 18298. OSVDB: 25770. Background: Snort is an open-source intrusion detection system. The Basic Analysis and Security Engine (BASE) is a web interface for analyzing Snort results. Problem: If the register_globals PHP option is enabled, the base_qry_common.php scrip...

CVSS 4, AI score 6.6, EPSS 0.85605
Exploits 11