11231 matches found
CVE-2019-7731
MyWebSQL 3.7 has a remote code execution RCE vulnerability after an attacker writes shell code into the database, and executes the Backup Database function with a .php filename for the backup's archive file...
CVE-2019-7731
Concrete details found: CVE-2019-7731 affects MyWebSQL 3.7 with a remote code execution vulnerability. The root cause described across sources is that an attacker can write shell code into the database and trigger the Backup Database function using a .php filename for the archive, enabling RCE. C...
Remote Code Execution (RCE)
handlebars is vulnerable to remote code execution. Access to the constructor in templates is not prohibited, allowing an attacker to inject arbitrary templates into the Handlebars setup and execute arbitrary code...
Indusoft Web Studio 8.1 SP2 - Remote Code Execution
Indusoft Web Studio 8.1 SP2 - Remote Code Execution Exploit Title: Indusoft Web Studio Unauthenticated RCE Date: 02/04/2019 Exploit Author: Jacob Baines Vendor Homepage: http://www.indusoft.com/ Software http://www.indusoft.com/Products-Downloads/Download-Library Version: 8.1 SP2 and below Tested...
Indusoft Web Studio 8.1 SP2 - Remote Code Execution Exploit
Exploit Title: Indusoft Web Studio Unauthenticated RCE Exploit Author: Jacob Baines Vendor Homepage: http://www.indusoft.com/ Software http://www.indusoft.com/Products-Downloads/Download-Library Version: 8.1 SP2 and below Tested on: Windows 7 running the Web Studio 8.1 SP2 demo app CVE :...
CVE-2018-20768
CVE-2018-20768 affects Xerox WorkCentre models (3655/3655i, 58XX/58XXi, 59XX/59XXi, 6655/6655i, 72XX/72XXi, 78XX/78XXi, 7970/7970i, EC7836/EC7856) prior to firmware R18-05 073.xxx.0487.15000. The vulnerability lets an attacker execute PHP code by abusing a writable file on the device, with networ...
LibreOffice RCE Vulnerability (Feb 2019) - Mac OS X
LibreOffice is prone to a remote code execution RCE vulnerability. This VT is a duplicate of VT SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
LibreOffice RCE Vulnerability (Feb 2019) - Mac OS X
LibreOffice is prone to a remote code execution RCE vulnerability. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
LibreOffice RCE Vulnerability (Feb 2019) - Windows
LibreOffice is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Apache OpenOffice Remote Code Execution Vulnerability (Feb 2019) - Windows
Apache OpenOffice Writer is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
SSRF Protocol Smuggling in Plaintext Credential Handlers : LDAP
SSRF protocol smuggling involves an attacker injecting one TCP protocol into a dissimilar TCP protocol. A classic example is using gopher i.e. the first protocol to smuggle SMTP i.e. the second protocol: 1 |...
U.S. Dept Of Defense: RCE on https://█████/ Using CVE-2017-9248
Summary: https://█████████/ is hosting an unpatched version of the Telerik DialogHandler Telerik.Web.UI.DialogHandler.aspx allowing for the machine key to be brute forced. The machine key can be used to access the DNN file manager to upload arbitrary files including ASPX giving a web shell and RC...
NextGen Gallery <= 3.1.5 - Authenticated PHP Object Injection
Legacy serialization handling allows unserialize of user input for low privileged users, leading to RCE...
SpeakUp Linux Backdoor Sets Up for Major Attack
LAS VEGAS — A backdoor trojan dubbed “SpeakUp” has been spotted exploiting the Linux servers that run more than 90 percent of the top 1 million domains in the U.S. It uses a complex bag of tricks to infect hosts and to propagate, which analysts say could indicate that it’s poised for a major...
CVE-2018-17684
Foxit Reader (Windows) vulnerable to remote code execution in version 9.2.0.9297 and earlier due to a isPropertySpecified handling flaw that lacks object-existence validation. Exploitation requires user interaction (malicious page/file). Impact is execution in the current process context; advisor...
Splunk Enterprise 7.2.3 - (Authenticated) Custom App Remote Code Execution
Splunk Enterprise 7.2.3 - Authenticated Custom App Remote Code Execution !/usr/bin/python Exploit Title: Splunk Enterprise 7.2.3 Custom App RCE persistent backdoor Date: January 23, 2019 Exploit Author: Lee Mazzoleni Vendor Homepage: https://www.splunk.com/ Software Link:...
Splunk Enterprise 7.2.3 Command Execution
!/usr/bin/python Exploit Title: Splunk Enterprise 7.2.3 Custom App RCE persistent backdoor Date: January 23, 2019 Exploit Author: Lee Mazzoleni Vendor Homepage: https://www.splunk.com/ Software Link: https://www.splunk.com/enus/download/splunk-enterprise.html Version: 7.2.3 Tested on: kali...
Splunk Enterprise 7.2.3 - Authenticated Custom App Remote Code Execution Exploit
Exploit for windows platform in category web applications !/usr/bin/python Exploit Title: Splunk Enterprise 7.2.3 Custom App RCE persistent backdoor Exploit Author: Lee Mazzoleni Vendor Homepage: https://www.splunk.com/ Software Link: https://www.splunk.com/enus/download/splunk-enterprise.html...
Splunk Enterprise 7.2.3 - (Authenticated) Custom App Remote Code Execution
!/usr/bin/python Exploit Title: Splunk Enterprise 7.2.3 Custom App RCE persistent backdoor Date: January 23, 2019 Exploit Author: Lee Mazzoleni Vendor Homepage: https://www.splunk.com/ Software Link: https://www.splunk.com/enus/download/splunk-enterprise.html Version: 7.2.3 Tested on: kali...
Fedora 29 : php-horde-Horde-Form (2019-8fe9d427f1)
HordeForm 2.0.19 - mjr SECURITY: Prevent RCE vulnerability due to potential directory traversal in Image uploads An independent security researcher has reported this vulnerability to SecuriTeam Secure Disclosure program. Note that Tenable Network Security has extracted the preceding description...