PC-EGG pWebManager OS Command Injection Vulnerability

PC-EGG pWebManager is a set of static HTML homepage template tool based on PHP language . A security vulnerability exists in PC-EGG pWebManager versions prior to 3.3.10 and pWebManager for PHP4 versions prior to 2.2.2. A remote attacker can exploit this vulnerability to execute arbitrary OS...

CVE-2015-7774

PC-EGG pWebManager before 3.3.10, and before 2.2.2 for PHP 4.x, allows remote authenticated users to execute arbitrary OS commands by leveraging the editor role...

Design/Logic Flaw

PC-EGG pWebManager before 3.3.10, and before 2.2.2 for PHP 4.x, allows remote authenticated users to execute arbitrary OS commands by leveraging the editor role...

CVE-2015-7774

PC-EGG pWebManager is affected by OS command injection (CWE-78) that can be triggered by a user with editor permissions. Vulnerable versions include pWebManager before 3.3.10 and pWebManager for PHP4 before 2.2.2. A remote authenticated editor can execute arbitrary OS commands on the server. Conn...

CVE-2015-7774

PC-EGG pWebManager before 3.3.10, and before 2.2.2 for PHP 4.x, allows remote authenticated users to execute arbitrary OS commands by leveraging the editor role...

pWebManager vulnerable to OS command injection

Overview pWebManager provided by PC-EGG Co.,Ltd. contains an OS command injection vulnerability CWE-78. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An arbitrary OS command may be executed on t...

JVN#25323093: pWebManager vulnerable to OS command injection

pWebManager provided by PC-EGG Co.,Ltd. contains an OS command injection vulnerability CWE-78. Impact An arbitrary OS command may be executed on the server by a user logged in with editor permissions. Solution Update the Software Update to the latest version according to the information provided ...