15296 matches found
CVE-2023-0862
The NetModule NSRW web administration interface is vulnerable to path traversals, which could lead to arbitrary file uploads and deletion. By uploading malicious files to the web root directory, authenticated users could gain remote command execution with elevated privileges. This issue affects...
Design/Logic Flaw
The NetModule NSRW web administration interface is vulnerable to path traversals, which could lead to arbitrary file uploads and deletion. By uploading malicious files to the web root directory, authenticated users could gain remote command execution with elevated privileges. This issue affects...
CVE-2023-0862 Path Traversal in NetModule NSRW
The NetModule NSRW web administration interface is vulnerable to path traversals, which could lead to arbitrary file uploads and deletion. By uploading malicious files to the web root directory, authenticated users could gain remote command execution with elevated privileges. This issue affects...
CVE-2023-0862 Path Traversal in NetModule NSRW
The NetModule NSRW web administration interface is vulnerable to path traversals, which could lead to arbitrary file uploads and deletion. By uploading malicious files to the web root directory, authenticated users could gain remote command execution with elevated privileges. This issue affects...
CVE-2023-0862
The CVE-2023-0862 entry describes a path-traversal vulnerability in NetModule NSRW web administration interface. Affected NSRW versions: 4.3.0.0 before 4.3.0.119, 4.4.0.0 before 4.4.0.118, 4.6.0.0 before 4.6.0.105, and 4.7.0.0 before 4.7.0.103. Attackers could upload malicious files to the web ro...
NetModule NSRW 路径遍历漏洞
NetModule NSRW is a series of router software from NetModule, Inc. A security vulnerability exists in NetModule NSRW that stems from the presence of a path traversal vulnerability, which could lead to arbitrary file uploads and deletions, and could be exploited by an authenticated attacker to...
PT-2023-16568 · Netmodule · Netmodule Nsrw
Name of the Vulnerable Software and Affected Versions: NetModule NSRW versions 4.3.0.0 through 4.3.0.118 NetModule NSRW versions 4.4.0.0 through 4.4.0.117 NetModule NSRW versions 4.6.0.0 through 4.6.0.104 NetModule NSRW versions 4.7.0.0 through 4.7.0.102 Description: The NetModule NSRW web...
CVE-2022-47507
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands...
CVE-2022-38111
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands...
SUSE CVE-2002-0836
dvips converter for Postscript files in the tetex package calls the system function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts...
SUSE CVE-2003-0434
Various PDF viewers including 1 Adobe Acrobat 5.06 and 2 Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink...
SUSE CVE-2004-1147
phpMyAdmin 2.6.0-pl2, and other versions before 2.6.1, with external transformations enabled, allows remote attackers to execute arbitrary commands via shell metacharacters...
SUSE CVE-2004-1170
a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename...
SUSE CVE-2005-0130
Certain Perl scripts in Konversation 0.15 allow remote attackers to execute arbitrary commands via shell metacharacters in 1 channel names or 2 song names that are not properly quoted when the user runs IRC scripts...
SUSE CVE-2005-0230
Firefox 1.0 does not prevent the user from dragging an executable file to the desktop when it has an image/gif content type but has a dangerous extension such as .bat or .exe, which allows remote attackers to bypass the intended restriction and execute arbitrary commands via malformed GIF files...
SUSE CVE-2005-0362
awstats.pl in AWStats 6.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the 1 "pluginmode", 2 "loadplugin", or 3 "noloadplugin" parameters...
SUSE CVE-2005-0363
awstats.pl in AWStats 4.0 and 6.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the config parameter...
SUSE CVE-2005-1992
The XMLRPC server in utils.rb for the ruby library libruby 1.8 sets an invalid default value that prevents "security protection" using handlers, which allows remote attackers to execute arbitrary commands...
SUSE CVE-2005-2148
Cacti 0.8.6e and earlier does not perform proper input validation to protect against common attacks, which allows remote attackers to execute arbitrary commands or SQL by sending a legitimate value in a POST request or cookie, then specifying the attack string in the URL, which causes the...
SUSE CVE-2005-2547
security.c in hcid for BlueZ 2.16, 2.17, and 2.18 allows remote attackers to execute arbitrary commands via shell metacharacters in the Bluetooth device name when invoking the PIN helper...