19 matches found
SUSE SLED15 / SLES15 Security Update : wicked (SUSE-SU-2026:2349-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:2349-1 advisory. This update for wicked fixes the following issue - CVE-2026-44932: indirect remote shell command injection via...
SUSE SLES15 Security Update : wicked (SUSE-SU-2026:2353-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:2353-1 advisory. - CVE-2026-44932: Fixed indirect remote shell command injection via unsanitized DHCP options bsc1265221. Tenable has extracted the preceding...
Security update for wicked
This update for wicked fixes the following issues: CVE-2026-44932: Fixed indirect remote shell command injection via unsanitized DHCP options bsc1265221. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
SUSE-SU-2026:2354-1 Security update for wicked
This update for wicked fixes the following issues: - CVE-2026-44932: Fixed indirect remote shell command injection via unsanitized DHCP options bsc1265221...
SUSE-SU-2026:2353-1 Security update for wicked
This update for wicked fixes the following issues: - CVE-2026-44932: Fixed indirect remote shell command injection via unsanitized DHCP options bsc1265221...
Security update for wicked
This update for wicked fixes the following issue CVE-2026-44932: indirect remote shell command injection via unsanitized DHCP options bsc1265221. Changes for wicked: Update to version 0.6.79 Fix to escape single-quotes in leaseinfo dump output used by the wicked test dhcp4 and wicked test dhcp6 a...
PT-2026-48679
Name of the Vulnerable Software and Affected Versions wicked versions prior to 0.6.79 Description An indirect remote shell command injection exists due to unsanitized DHCP options. The issue involves improper processing of posix-tz-dbname and tz-string options, as well as a failure to escape...
CVE-2026-26478
The vulnerability CVE-2026-26478 affects Mobvoi TicHome Mini smart speakers (models 012-18853 and 027-58389). A shell command injection flaw lets remote attackers craft a UDP datagram to execute arbitrary shell code as root. Details provided indicate impact is root-level code execution via networ...
EasyPHP Webserver PHP Command Execution
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...
EasyPHP WebServer v.(all) <= Multiple Vulnerabilities
EasyPHP is Suffer from : + Auth Bypass + Remote Shell Injection / Remote Code Execute The Bug in EasyPHP WebServer Manager found because the PORTAL of Administration doesn't protected ! so just when you found the Admin-Portal - you can bypass the auth directly and remote attacker can get some...
Two security issues fixed in ioQuake3 engine
Hello, Quake 3 is a popular online first person shooter developed by IDsoftware 1 that has been released in 1999 and is still widely played. After the release of the source code under the GPL, the ioQuake3 project 2 was started that is dedicated to maintaining the existing codebase. Several game...
PHP-Nuke <= 8.1.3.5 (Your_Account) Remote Command Exec Exploit
No description provided by source. PHP-Nuke = 8.1.0.3.5b Remote Command Execution Exploit Author/s: Dante90 & yawn Contact Us: www.unitx.net Requirements: magicquotesgpc : off Greetings: [email protected] | [email protected] You will remember, Watson, how the dreadful business of the Abernetty...
RunCMS <= 1.6.3 (double ext) Remote Shell Injection Exploit
No description provided by source. !/usr/bin/perl RunCMS = 1.6.3 "double ext" remote shell injection exploit Note: you may upload files with double extension FCKEditor must be enabled for users by staker ------------------------------ mail: stakerathotmaildotit url: http://www.runcms.org...
RunCMS 1.6.3 - Remote Shell Injection
!/usr/bin/perl RunCMS = 1.6.3 "double ext" remote shell injection exploit Note: you may upload files with double extension FCKEditor must be enabled for users by staker ------------------------------ mail: stakerathotmaildotit url: http://www.runcms.org ------------------------------ Discovered o...
WordPress <= 2.0.2 (cache) Remote Shell Injection Exploit
No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo "--------------------------------------------------------------------\r\n"; echo "| WordPress = 2.0.2 'cache' shell injection exploit |\r\n"; echo "| by rgod [email protected] |\r\n"; echo "| site:...
WordPress Core 2.0.2 - 'cache' Remote Shell Injection
!/usr/bin/php -q -d shortopentag=on ? echo "--------------------------------------------------------------------\r\n"; echo "| WordPress = 2.0.2 'cache' shell injection exploit |\r\n"; echo "| by rgod [email protected] |\r\n"; echo "| site: http://retrogod.altervista.org |\r\n"; echo "| dork:...
WordPress <= 2.0.2 (cache) Remote Shell Injection Exploit
Exploit for unknown platform in category web applications ========================================================= WordPress = 2.0.2 cache Remote Shell Injection Exploit ========================================================= !/usr/bin/php -q -d shortopentag=on ? echo...
phpMyFAQ <= 1.5.1 (User-Agent) Remote Shell Injection Exploit
Exploit for unknown platform in category web applications ============================================================= phpMyFAQ = 1.5.1 User-Agent Remote Shell Injection Exploit ============================================================= ?php 17.34 22/09/2005 phpmyfaqxpl.php PhpMyFaq 1.5.1...
phpMyFAQ <= 1.5.1 (User-Agent) Remote Shell Injection Exploit
No description provided by source. ?php 17.34 22/09/2005 phpmyfaqxpl.php PhpMyFaq 1.5.1 possibly prior versions shell inject by rgod site: http://rgod.altervista.org make these changes in your php.ini if you have troubles to launch this script: allowcalltimepassreference = on registerglobals = on...