EUVD-2002-1059

Malware in sbrugna...

EUVD-2007-3185

Malware in sbrugna...

EUVD-2007-2019

Malware in sbrugna...

EUVD-2007-2020

Malware in sbrugna...

Tuleap < 9.7 Remote OS Command Injection Vulnerability

Tuleap allows command injection via the PhpWiki SyntaxHighlighter plugin. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is fr...

Tuleap Project Wiki 8.3 9.6.99.86 - Command Injection

Tuleap Project Wiki 8.3 9.6.99.86 - Command Injection Tuleap - Command Injection in Project Wiki CVE: CVE-2017-7981 CVSSv3: 9.4 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:U/RC:C Versions affected: = 8.3 and = 9.6.99.86 Introduction Tuleap is a Libre suite to plan, track, code and...

Tuleap 9.6.99.86 Command Injection Vulnerability

Exploit for php platform in category web applications Tuleap - Command Injection in Project Wiki CVE: CVE-2017-7981 CVSSv3: 9.4 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:U/RC:C Versions affected: = 8.3 and = 9.6.99.86 Introduction Tuleap is a Libre suite to plan, track, code and...

Tuleap Project Wiki 8.3 &lt; 9.6.99.86 - Command Injection

Tuleap - Command Injection in Project Wiki CVE: CVE-2017-7981 CVSSv3: 9.4 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:U/RC:C Versions affected: = 8.3 and = 9.6.99.86 Introduction Tuleap is a Libre suite to plan, track, code and collaborate on software projects. Tuleap helps development...

CVE-2017-7981

Tuleap before 9.7 allows command injection via the PhpWiki 1.3.10 SyntaxHighlighter plugin. This occurs in the Project Wiki component because the procopen PHP function is used within PhpWiki before 1.5.5 with a syntax value in its first argument, and an authenticated Tuleap user can control this...

CVE-2017-7981

Tuleap before 9.7 allows command injection via the PhpWiki 1.3.10 SyntaxHighlighter plugin. This occurs in the Project Wiki component because the procopen PHP function is used within PhpWiki before 1.5.5 with a syntax value in its first argument, and an authenticated Tuleap user can control this...

Command injection

Tuleap before 9.7 allows command injection via the PhpWiki 1.3.10 SyntaxHighlighter plugin. This occurs in the Project Wiki component because the procopen PHP function is used within PhpWiki before 1.5.5 with a syntax value in its first argument, and an authenticated Tuleap user can control this...

CVE-2017-7981

CVE-2017-7981 affects Tuleap before 9.7, where the Project Wiki uses PHPWiki 1.3.10 with a SyntaxHighlighter plugin. The root cause is a command-injection vector in the SyntaxHighlighter’s handling of the syntax argument, exploited via proc_open in PHP when a project wiki page contains a line lik...

CVE-2017-7981

Tuleap before 9.7 allows command injection via the PhpWiki 1.3.10 SyntaxHighlighter plugin. This occurs in the Project Wiki component because the procopen PHP function is used within PhpWiki before 1.5.5 with a syntax value in its first argument, and an authenticated Tuleap user can control this...

Tuleap 9.6.99.86 Command Injection

Tuleap - Command Injection in Project Wiki CVE: CVE-2017-7981 CVSSv3: 9.4 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:U/RC:C Versions affected: = 8.3 and = 9.6.99.86 Introduction Tuleap is a Libre suite to plan, track, code and collaborate on software projects. Tuleap helps development...

PhpWiki Version Detection

Detection of installed version of PhpWiki. This script sends an HTTP GET request and tries to get the version from the response. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

PhpWiki 1.5.4 Cross Site Scripting / Local File Inclusion

1/ 跨站点脚本漏洞跨站点脚本漏洞允许未经身份验证的远程用户通过GET或POST 参数将任意网页脚本注入代码。Example url:http://192.168.0.10/phpwiki/index.php?pagename=%3C%2Fscript%3E%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E%3C!--Example request:POST /phpwiki/index.php/UserPreferences HTTP/1.1Host: 192.168.0.10User-Agent: Mozilla/5.0...

PHPWiki 1.5.4 Cross Site Scripting / Local File Inclusion

Title: phpwiki 1.5.4 - Cross Site Scripting / Local File Inclusion Date: 29.08.15 Vendor: sourceforge.net/projects/phpwiki/ Affected versions: = 1.5.4 current Tested on: Apache2.2 / PHP5 / Deb32 Author: Smash Contact: smash at devilteam.pl 1/ Cross Site Scripting Cross-site scripting vulnerabilit...

Phpwiki Ploticus Remote Code Execution Exploit

The Ploticus module in PhpWiki 1.5.0 allows remote attackers to execute arbitrary code via command injection. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Phpwiki Ploticus Remote...

Phpwiki Ploticus Remote Code Execution

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Phpwiki Ploticus Remote Code Execution', 'Description' = %q The Ploticus module in PhpWiki 1.5.0 allows remote attackers to execute...

Phpwiki Ploticus Remote Code Execution

The Ploticus module in PhpWiki 1.5.0 allows remote attackers to execute arbitrary code via command injection. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Phpwiki Ploticus Remote Code...