8 matches found
EUVD-2013-7254
Malware in sbrugna...
CVE-2013-10035
A code injection vulnerability exists in ProcessMaker Open Source versions 2.x when using the default 'neoclassic' skin. An authenticated user can execute arbitrary PHP code via multiple endpoints, including appFolderAjax.php, casesStartPageAjax.php, and casesSchedulerGetPlugins.php, by supplying...
CVE-2013-10035 ProcessMaker Open Source < 2.5.2 neoclassic Skin PHP Code Execution
A code injection vulnerability exists in ProcessMaker Open Source versions 2.x when using the default 'neoclassic' skin. An authenticated user can execute arbitrary PHP code via multiple endpoints, including appFolderAjax.php, casesStartPageAjax.php, and casesSchedulerGetPlugins.php, by supplying...
CVE-2013-10035 ProcessMaker Open Source < 2.5.2 neoclassic Skin PHP Code Execution
A code injection vulnerability exists in ProcessMaker Open Source versions 2.x when using the default 'neoclassic' skin. An authenticated user can execute arbitrary PHP code via multiple endpoints, including appFolderAjax.php, casesStartPageAjax.php, and casesSchedulerGetPlugins.php, by supplying...
PT-2025-31533 · Undefined · Undefined
A code injection vulnerability exists in ProcessMaker Open Source versions 2.x when using the default 'neoclassic' skin. An authenticated user can execute arbitrary PHP code via multiple endpoints, including appFolderAjax.php, casesStartPage Ajax.php, and cases SchedulerGetPlugins.php, by supplyi...
ProcessMaker Open Source 安全漏洞
ProcessMaker Open Source is a workflow management software from US-based ProcessMaker, Inc. A security vulnerability exists in ProcessMaker Open Source versions 2.0.23 through 2.5.1 that originates from multiple endpoints that do not validate user input and could lead to remote code execution...
ProcessMaker Open Source Authenticated PHP Code Execution
This Metasploit module exploits a PHP code execution vulnerability in the 'neoclassic' skin for ProcessMaker Open Source which allows any authenticated user to execute PHP code. The vulnerable skin is installed by default in version 2.x and cannot be removed via the web interface. This module...
ProcessMaker Open Source Authenticated PHP Code Execution
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule "ProcessMaker Open Source Authenticated PHP Code Execution", 'Description' = %q This module exploits a PHP code execution...