11233 matches found
CVE-2024-22633
Setor Informatica Sistema Inteligente para Laboratorios (S.I.L.) 388 was discovered to contain a remote code execution (RCE) vulnerability via the hprinter parameter. This vulnerability is triggered via a crafted POST request...
Exploit for Injection in Arjunsharda Searchor
CVE-2023-43364-Exploit-CVE This is a python script to exploit...
CVE-2024-22632
Setor Informatica Sistema Inteligente para Laboratorios (S.I.L.) 388 was discovered to contain a remote code execution (RCE) vulnerability via the hmsg parameter. This vulnerability is triggered via a crafted POST request...
CVE-2024-22633
CVE-2024-22633 affects Setor Informatica Sistema Inteligente para Laboratórios (S.I.L.) 388, with a remote code execution (RCE) via the hprinter parameter triggered by a crafted POST request. The vulnerability is described as critical (CVSS 3.1: 9.8, NETWORK, no user interaction, LOCAL/NEIGHBORHO...
CVE-2024-22144 WordPress Anti-Malware Security and Brute-Force Firewall plugin <= 4.21.96 - Unauthenticated Predictable Nonce Brute-Force Leading to RCE vulnerability
Improper Control of Generation of Code ('Code Injection') vulnerability in Eli Scheetz Anti-Malware Security and Brute-Force Firewall (gotmls) allows Code Injection. This issue affects Anti-Malware Security and Brute-Force Firewall: from n/a through 4.21.96...
CVE-2023-51482 WordPress Eazy Plugin Manager plugin <= 4.1.2 - Auth. Arbitrary Options Update lead to RCE vulnerability
Improper Authentication vulnerability in EazyPlugins Eazy Plugin Manager allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Eazy Plugin Manager: from n/a through 4.1.2...
pyLoad allows upload to arbitrary folder lead to RCE
Summary: An authenticated user can change the download folder and upload a crafted template to the specified folder, leading to remote code execution. Details: example version: 0.5, file: src/pyload/webui/app/blueprints/appblueprint.py python @bp.route"/render/", endpoint="render" def renderfilename:...
Relate Learning And Teaching System SSTI / Remote Code Execution
Exploit Title: Relate Learning And Teaching system Version before 2024.1 SSTIBatch-Issue Exam Tickets function lead to RCE Date: 24/04/2024 Exploit Author: kai6u Vendor Homepage: https://github.com/inducer/ Software Link: https://github.com/inducer/relate Affected Version:before 2024.1...
Relate Learning And Teaching System SSTI / Remote Code Execution Vulnerability
Relate Learning and Teaching System versions prior to 2024.1 suffer from a server-side template injection vulnerability that leads to remote code execution. This particular finding targets the Batch-Issue Exam Tickets function. Exploit Title: Relate Learning And Teaching system Version before...
Slackware: Security Advisory (SSA:2024-114-01)
The remote host is missing an update for the...
Important: Red Hat Security Advisory: shim security update
An update for shim is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...
RHEL 7 : shim (RHSA-2024:1959)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1959 advisory. The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments...
Exploit for Path Traversal in Jetbrains Teamcity
RCity - CVE-2024-27198 RCE & Admin Account Creation & CVE-20...
GHSA-QMMM-73R2-F8XR @hoppscotch/cli affected by Sandbox Escape in @hoppscotch/js-sandbox leads to RCE
Observations The Hoppscotch desktop app takes multiple precautions to be secure against arbitrary JavaScript and system command execution. It does not render user-controlled HTML or Markdown, uses Tauri instead of Electron, and sandboxes pre-request scripts with a simple yet secure implementation...
GHSA-29RC-VQ7F-X335 Apache HugeGraph-Server: Command execution in gremlin
RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server. This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0 in Java8 & Java11. Users are recommended to upgrade to version 1.3.0 with Java11 & enable the Auth system, which fixes the issue...
Apache HugeGraph-Server: Command execution in gremlin
RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server. This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0 in Java8 & Java11. Users are recommended to upgrade to version 1.3.0 with Java11 & enable the Auth system, which fixes the issue...