Lucene search

14 matches found

ATTACKERKB
added 2025/08/08 6:14 p.m. · 3 views

CVE-2012-10048

Zenoss Core 3.x contains a command injection vulnerability in the showDaemonXMLConfig endpoint. The daemon parameter is passed directly to a Popen call in ZenossInfo.py without proper sanitation, allowing authenticated users to execute arbitrary commands on the server as the zenoss user...

8.7 CVSS · 6.1 AI score · 0.7195 EPSS
Exploits 0 · References 5 · Affected Software 1
CNNVD
added 2022/07/13 12:00 a.m. · 1 view

codecov argument injection vulnerability

codecov is a specialized code coverage solution open-sourced by codecov. A security vulnerability exists in codecov versions prior to 2.0.16, which stems from not cleaning up the gcov parameter before supplying it to the popen method...

6.5 CVSS · 6.5 AI score · 0.00317 EPSS
Exploits 1 · References 4
OSV
added 2021/04/23 6:15 a.m. · 0 views

UBUNTU-CVE-2021-31607

In SaltStack Salt 2016.9 through 3002.6, a command injection vulnerability exists in the snapper module that allows for local privilege escalation on a minion. The attack requires that a file is created with a pathname that is backed up by snapper, and that the master calls the snapper.diff...

7.8 CVSS · 7.3 AI score · 0.04548 EPSS
Exploits 1 · References 3
Positive Technologies
added 2018/10/15 12:00 a.m. · 2 views

PT-2018-14404 · Asuswrt Merlin · Merlin.Php

Name of the Vulnerable Software and Affected Versions: Merlin.PHP version 0.6.6
Description: An issue was discovered in the Merlin.PHP component for Asuswrt-Merlin devices, allowing an attacker to execute arbitrary commands due to a popen call in exec.php. The vendor notes that Merlin.PHP is...

9.8 CVSS · 8.3 AI score · 0.12706 EPSS
Exploits 1 · References 4
Prion
added 2017/10/10 11:29 p.m. · 17 views

Command injection

Zyxel NBG6716 V1.00AAKG.9C0 devices allow command injection in the ozkerz component because beginIndex and endIndex are used directly in a popen call...

7.5 CVSS · 9.7 AI score · 0.07511 EPSS
Exploits 1 · References 1 · Affected Software 1
Cvelist
added 2017/10/10 11:00 p.m. · 10 views

CVE-2017-15226

Zyxel NBG6716 V1.00AAKG.9C0 devices allow command injection in the ozkerz component because beginIndex and endIndex are used directly in a popen call...

9.8 AI score · 0.07511 EPSS
Exploits 1 · References 1
Mageia
added 2017/05/01 7:41 p.m. · 31 views

Updated squirrelmail packages fix security vulnerability

Squirrelmail version 1.4.22 and probably prior is vulnerable to a remote code execution vulnerability because it fails to sanitize a string before passing it to a popen call. It's possible to exploit this vulnerability to execute arbitrary shell commands on the remote server (CVE-2017-7692)...

9 CVSS · 5.5 AI score · 0.15952 EPSS
Exploits 7 · References 2
UbuntuCve
added 2017/04/20 2:59 p.m. · 21 views

CVE-2017-7692

SquirrelMail 1.4.22 and other versions before 201704270200-SVN allows post-authentication remote code execution via a sendmail.cf file that is mishandled in a popen call. It's possible to exploit this vulnerability to execute arbitrary shell commands on the remote server. The problem is in the...

9 CVSS · 7.8 AI score · 0.15952 EPSS
Exploits 7 · References 2
FreeBSD
added 2017/04/19 12:00 a.m. · 29 views

SquirrelMail -- post-authentication remote code execution

SquirrelMail developers report: SquirrelMail 1.4.22 and other versions before 201704270200-SVN allows post-authentication remote code execution via a sendmail.cf file that is mishandled in a popen call. It's possible to exploit this vulnerability to execute arbitrary shell commands on the remote...

9 CVSS · 7.1 AI score · 0.15952 EPSS
Exploits 7 · References 1
Packet Storm
added 2009/10/28 12:00 a.m. · 66 views

ClamAV Milter Blackhole-Mode Remote Code Execution

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'ClamAV Milte...

7.6 CVSS · 0.2 AI score · 0.88269 EPSS
Exploits 12
Tenable Nessus
added 2007/09/03 12:00 a.m. · 34 views

Mandrake Linux Security Advisory : clamav (MDKSA-2007:172)

A vulnerability in ClamAV was discovered that could allow remote attackers to cause a denial of service via a crafted RTF file or a crafted HTML document with a data: URI, both of which trigger a NULL dereference (CVE-2007-4510). A vulnerability in clamav-milter, when run in black hole mode, could...

7.6 CVSS · 6 AI score · 0.88269 EPSS
Exploits 12 · References 2
Tenable Nessus
added 2005/09/06 12:00 a.m. · 26 views

Debian DSA-796-1 : affix - remote command execution

Kevin Finisterre reports that affix, a package used to manage bluetooth sessions under Linux, uses the popen call in an unsafe fashion. A remote attacker can exploit this vulnerability to execute arbitrary commands on a vulnerable system...

7.5 CVSS · 5.6 AI score · 0.01773 EPSS
Exploits 1 · References 2
Debian
added 2005/09/02 1:51 a.m. · 26 views

[SECURITY] [DSA 796-1] New affix packages fix remote command execution

Debian Security Advisory DSA 796-1 [email protected] http://www.debian.org/security/ Michael Stone September 1st, 2005 http://www.debian.org/security/faq ...

7.5 CVSS · 0.4 AI score · 0.01773 EPSS
Exploits 1
Packet Storm
added 2000/06/26 12:00 a.m. · 20 views

2dopewars_exploits.txt

two security holes i found for local use in dopewars1.4.7-current. dopewars is setgid=games. by: [email protected]. LOCAL VULNERABILITY 1: insecure popen call, a shell script can handle this. -- dopewars.sh start -- !/bin/sh dopewars.sh1.4.7: shell script by [email protected]. gives...

0.1 AI score
Exploits 0