11231 matches found

Packet Storm
added 2019/02/23 12:0 a.m., 234 views

Drupal REST Module Remote Code Execution

Analyzing the patch: By diffing Drupal 8.6.9 and 8.6.10, we can see that in the REST module, FieldItemNormalizer now uses a new trait, SerializedColumnNormalizerTrait. This trait provides the checkForSerializedStrings method, which in short raises an exception if a string is provided for a value...

AI score 8.3, EPSS 0.91919
Exploits 22
OpenVAS
added 2019/02/22 12:0 a.m., 233 views

WordPress RCE Vulnerability (CVE-2019-8942) - Windows

WordPress allows remote code execution (RCE) because an _wp_attached_file Post Meta entry can be changed to an arbitrary string, such as one ending with a .jpg?file.php substring. An attacker with author privileges can execute arbitrary code by uploading a crafted image containing PHP code in the Exif...

CVSS 8.8, AI score 8.1, EPSS 0.91985
Exploits 10, References 2
OpenVAS
added 2019/02/22 12:0 a.m., 3371 views

WordPress RCE Vulnerability (CVE-2019-8942) - Linux

WordPress allows remote code execution (RCE) because an _wp_attached_file Post Meta entry can be changed to an arbitrary string, such as one ending with a .jpg?file.php substring. An attacker with author privileges can execute arbitrary code by uploading a crafted image containing PHP code in the Exif...

CVSS 8.8, AI score 8.1, EPSS 0.91985
Exploits 10, References 2
ThreatPost
added 2019/02/21 3:54 p.m., 131 views

Highly Critical Drupal CMS Flaw Affects Millions of Websites

The Drupal open-source content management system platform has issued an advisory for a highly critical remote-code execution (RCE) flaw in the Drupal core. The vulnerability (CVE-2019-6340) arises from the fact that “some field types do not properly sanitize data from non-form sources,” according to...

CVSS 6.8, AI score 8.2, EPSS 0.91919
Exploits 22, References 7
OpenVAS
added 2019/02/21 12:0 a.m., 158 views

Drupal RCE Vulnerability (SA-CORE-2019-003) - Linux

Some field types do not properly sanitize data from non-form sources. This can lead to arbitrary PHP code execution in some cases. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders...

CVSS 8.1, AI score 8.5, EPSS 0.91919
Exploits 22, References 3
OpenVAS
added 2019/02/21 12:0 a.m., 119 views

Drupal RCE Vulnerability (SA-CORE-2019-003) - Windows

Some field types do not properly sanitize data from non-form sources. This can lead to arbitrary PHP code execution in some cases. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders...

CVSS 8.1, AI score 8.5, EPSS 0.91919
Exploits 22, References 3
Packet Storm
added 2019/02/20 12:0 a.m., 110 views

Kanboard 1.2.7 Code Execution / Cross Site Request Forgery

Feb 11 2019 Kanboard 1.2.7 contains multiple vulnerabilities. The vulnerabilities include CSV account import cross site request forgery which allows an unauthenticated attacker to create a new administrative user. Cross site request forgery 2FA deactivation, allowing an unauthenticated attacker t...

AI score 0.1
Exploits 0
Check Point Advisories
added 2019/02/19 12:0 a.m., 3 views

ISPConfig Arbitrary File Inclusion (CVE-2018-17984)

An arbitrary file inclusion vulnerability exists in ISPConfig. This vulnerability is due to insufficient validation of user input. Successful exploitation results in RCE under the security context of the target application...

CVSS 4.6, AI score 2.8, EPSS 0.03369
Exploits 1
OSV
added 2019/02/18 11:50 p.m., 16 views

GHSA-MM7H-323R-9P4G Downloads Resources over HTTP in imageoptim

imageoptim is a Node.js wrapper for some images compression algorithms. imageoptim downloads zipped resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested tarball with an attacker controlled tarball if t...

CVSS 8.1, AI score 8.3, EPSS 0.01069
Exploits 0, References 3
Github Security Blog
added 2019/02/18 11:50 p.m., 22 views

Downloads Resources over HTTP in imageoptim

imageoptim is a Node.js wrapper for some images compression algorithms. imageoptim downloads zipped resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested tarball with an attacker controlled tarball if t...

CVSS 8.1, AI score 1.6, EPSS 0.01069
Exploits 0, References 3, Affected Software 1
Github Security Blog
added 2019/02/18 11:35 p.m., 31 views

Downloads Resources over HTTP in operadriver

operadriver is a Opera Driver for Selenium. operadriver versions below 0.2.3 download binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attack...

CVSS 8.1, AI score 4.9, EPSS 0.01114
Exploits 0, References 3, Affected Software 1
Exploit DB
added 2019/02/18 12:0 a.m., 65 views

mIRC < 7.55 - 'Custom URI Protocol Handlers' Remote Command Execution

Exploit Title: RCE on mIRC 7.55 using argument injection through custom URI protocol handlers Date: 18/02/2019 Exploit Author: https://twitter.com/proofofcalc/ Vendor Homepage: https://www.mirc.com Software Link: https://www.mirc.com/get.php Version: 7.55 Tested on: Windows CVE : CVE-2019-6453 RC...

CVSS 8.1, AI score 8.2, EPSS 0.71776
Exploits 9
Packet Storm
added 2019/02/18 12:0 a.m., 42 views

mIRC Remote Command Execution

Exploit Title: RCE on mIRC 7.55 using argument injection through custom URI protocol handlers Date: 18/02/2019 Exploit Author: https://twitter.com/proofofcalc/ Vendor Homepage: https://www.mirc.com Software Link: https://www.mirc.com/get.php Version: 7.55 Tested on: Windows CVE : CVE-2019-6453 RC...

AI score 7.9, EPSS 0.71776
Exploits 9
Kitploit
added 2019/02/15 12:39 p.m., 742 views

SSRFmap - Automatic SSRF Fuzzer And Exploitation Tool

SSRF are often used to leverage actions on other services, this framework aims to find and exploit these services easily. SSRFmap takes a Burp request file as input and a parameter to fuzz. Server Side Request Forgery or SSRF is a vulnerability in which an attacker forces a server to perform...

AI score 7.7
Exploits 0, References 3
Tenable Nessus
added 2019/02/14 12:0 a.m., 49 views

AVEVA InduSoft Web Studio / InTouch Edge HMI Command 66 RCE

Binary data scadaavevaiwsitehcmd66rce.nbin...

CVSS 10, AI score 7.3, EPSS 0.17287
Exploits 6, References 3
OpenVAS
added 2019/02/13 12:0 a.m., 82 views

Microsoft Office 2016 Multiple RCE Vulnerabilities (KB4018294)

This host is missing an important security update according to Microsoft KB4018294 Copyright (C) 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...

CVSS 9.3, AI score 7.9, EPSS 0.18414
Exploits 4, References 1
OpenVAS
added 2019/02/13 12:0 a.m., 91 views

Beward IP Camera Root RCE Vulnerability (Feb 2019) - Active Check

The remote installation of Beward SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/h:beward"; ifdescription...

CVSS 9.4, AI score 7.5, EPSS 0.01763
Exploits 1, References 3
ATTACKERKB
added 2019/02/12 12:0 a.m., 23 views

CVE-2019-5596

In FreeBSD 11.2-STABLE after r338618 and before r343786, 12.0-STABLE before r343781, and 12.0-RELEASE before 12.0-RELEASE-p3, a bug in the reference count implementation for UNIX domain sockets can cause a file structure to be incorrectly released potentially allowing a malicious local user to ga...

CVSS 8.8, AI score 1.4, EPSS 0.01229
Exploits 4, References 3
Prion
added 2019/02/11 5:29 p.m., 12 views

Remote code execution

MyWebSQL 3.7 has a remote code execution (RCE) vulnerability after an attacker writes shell code into the database, and executes the Backup Database function with a .php filename for the backup's archive file...

CVSS 7.5, AI score 9.6, EPSS 0.04221
Exploits 1, References 1, Affected Software 1
NVD
added 2019/02/11 5:29 p.m., 29 views

CVE-2019-7731

MyWebSQL 3.7 has a remote code execution (RCE) vulnerability after an attacker writes shell code into the database, and executes the Backup Database function with a .php filename for the backup's archive file...

CVSS 9.8, AI score 9.8, EPSS 0.04221
Exploits 1, References 1