Webuzo 2.1.3 - Multiple Vulnerabilities

Exploit Title: Webuzo Multiple Vulnerabilities Date: 7 October 2013 Exploit Author: Mahendra Vendor Homepage: www.webuzo.com Software Link: http://downloads.webuzo.com/va.php Version: 2.1.3, other version might be vulnerable. Tested on: CentOS release 6.2 FINAL CVE : CVE-2013-6041, CVE-2013-6042,...

Webuzo 2.1.3 - Multiple Vulnerabilities

Exploit for php platform in category web applications Exploit Title: Webuzo Multiple Vulnerabilities Date: 7 October 2013 Exploit Author: Mahendra Vendor Homepage: www.webuzo.com Software Link: http://downloads.webuzo.com/va.php Version: 2.1.3, other version might be vulnerable. Tested on: CentOS...

PT-2013-08: Remote OS Command Execution in Oracle Siebel CRM

The specialists of the Positive Research center have detected a Remote OS Command Execution vulnerability in Oracle Siebel CRM. An attacker is able to execute arbitrary commands on the target system with current user's privileges and also access its file system using eScript embedded tools. How t...

Spring Source OXM Remote OS Command Injection when XStream and IBM JRE are used

Reference: http://static.springsource.org/spring/docs/3.0.x/spring-framework-reference/html/oxm.htmld0e26722 Product: Spring Source OXM Object/XML Mapping Vendor: VMware Vulnerable Version: 3.0.4 only when XStream and IBM JRE are used Status: Fixed Vendor Notification: 12 October 2010 Vendor Fix:...

Spring Source OXM 3.0.4 Command Injection

Reference: http://static.springsource.org/spring/docs/3.0.x/spring-framework-reference/html/oxm.htmld0e26722 Product: Spring Source OXM Object/XML Mapping Vendor: VMware Vulnerable Version: 3.0.4 only when XStream and IBM JRE are used Status: Fixed Vendor Notification: 12 October 2010 Vendor Fix:...