Mageia: Security Advisory (MGASA-2020-0190)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Engel & Völkers Technology GmbH: Remote Code Execution (RCE) at "juid" parameter in /get_zip.php (printshop.engelvoelkers.com)

Summary Taking advantage of the vulnerability reported in 914194, it has been possible to analyze certain application code and detect remote code execution at https://printshop.engelvoelkers.com/getzip.php?juid=1 due to a lack of sanitization of the inputs received by the web application. This...

Updated crawl packages fix security vulnerability

Updated crawl packages fix security vulnerability crawl 0.24.0 and earlier are subject to possible remote code evaluation with lua loadstring CVE-2020-11722. This update fixes it, also updating crawl from version 0.23.2 to 0.24.1, with the following main gameplay changes: Vampire species simplifi...

MGASA-2020-0190 Updated crawl packages fix security vulnerability

Updated crawl packages fix security vulnerability crawl 0.24.0 and earlier are subject to possible remote code evaluation with lua loadstring CVE-2020-11722. This update fixes it, also updating crawl from version 0.23.2 to 0.24.1, with the following main gameplay changes: Vampire species simplifi...

openSUSE: Security Advisory for crawl (openSUSE-SU-2020:0549-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

OPENSUSE-SU-2020:0549-1 Security update for crawl

This update for crawl fixes the following issues: CVE-2020-11722: Fixed a remote code evaluation issue with lua loadstring boo1169381 Update to version 0.24.0 Vampire species simplified Thrown weapons streamlined Fedhas reimagined Sif Muna reworked Update to version 0.23.2 Trap system overhaul Ne...

Security update for crawl (moderate)

openSUSE Security Update: Security update for crawl Announcement ID: openSUSE-SU-2020:0549-1 Rating: moderate References: 1169381 Cross-References: CVE-2020-11722 Affected Products: openSUSE Leap 15.1 openSUSE Backports SLE-15-SP1 An update that fixes one vulnerability is now available...

Zurmo 3.2.6 Out Of Band Code Evaluation

Out of Band Code Evaluation Vulnerability in Zurmo 3.2.6 Information -------------------- Advisory by Netsparker Name: Out of Band Code Evaluation in Zurmo Affected Software: Zurmo Affected Versions: 3.2.6 Homepage: http://zurmo.org Vulnerability: Out of Band Code Evaluation Severity: Critical...

Dolibarr ERP CRM < 7.0.3 - PHP Code Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Unauthenticated Remote Code Evaluation in Dolibarr ERP CRM =7.0.3 Exploit Author: om3rcitak - https://omercitak.com Vendor Homepage: https://dolibarr.org Software Link: https://github.com/Dolibarr/dolibarr Version: =7.0.3 Tested...

Dolibarr ERP/CRM &lt; 7.0.3 - PHP Code Injection

Exploit Title: Unauthenticated Remote Code Evaluation in Dolibarr ERP CRM =7.0.3 Date: 06/29/2018 Exploit Author: om3rcitak - https://omercitak.com Vendor Homepage: https://dolibarr.org Software Link: https://github.com/Dolibarr/dolibarr Version: =7.0.3 Tested on: Unix, Windows Technical Details...

Dolibarr ERPCRM 7.0.3 - PHP Code Injection

Dolibarr ERPCRM 7.0.3 - PHP Code Injection Exploit Title: Unauthenticated Remote Code Evaluation in Dolibarr ERP CRM =7.0.3 Date: 06/29/2018 Exploit Author: om3rcitak - https://omercitak.com Vendor Homepage: https://dolibarr.org Software Link: https://github.com/Dolibarr/dolibarr Version: =7.0.3...

Dolibarr ERP CRM 7.0.3 Code Injection

Exploit Title: Unauthenticated Remote Code Evaluation in Dolibarr ERP CRM =7.0.3 Date: 06/29/2018 Exploit Author: om3rcitak - https://omercitak.com Vendor Homepage: https://dolibarr.org Software Link: https://github.com/Dolibarr/dolibarr Version: =7.0.3 Tested on: Unix, Windows Technical Details...

Novell NetIQ Privileged User Manager 2.3.1 ldapagnt.dll Code Execution

Novell NetIQ Privileged User Manager version 2.3.1 suffers from a perl code evaluation remote command execution vulnerability in ldapagnteval in ldapagnt.dll. The secure web interface contains a flaw which allows, without prior authentication, to execute a Perl script with SYSTEM privileges. This...