164 matches found
CVE-2018-16785
XML injection vulnerability exists in the file of DedeCMS V5.7 SP2 version, which can be utilized by attackers to create script file to obtain webshell...
CVE-2018-0502
An issue was discovered in zsh before 5.6. The beginning of a ! script file was mishandled, potentially leading to an execve call to a program named on the second line...
CVE-2018-0502
An issue was discovered in zsh before 5.6. The beginning of a ! script file was mishandled, potentially leading to an execve call to a program named on the second line...
CVE-2018-0502
CVE-2018-0502 affects zsh before 5.6, where the beginning of a shebang script is mishandled, potentially causing an execve call to a program named on the second line. Connected advisories (openSUSE/SUSE/Debian/EulerOS and others) confirm the issue and list zsh as the affected package across multi...
CVE-2018-0502
An issue was discovered in zsh before 5.6. The beginning of a ! script file was mishandled, potentially leading to an execve call to a program named on the second line...
CVE-2018-0502
An issue was discovered in zsh before 5.6. The beginning of a ! script file was mishandled, potentially leading to an execve call to a program named on the second line...
CVE-2018-13021
An issue was discovered in HongCMS 3.0.0. There is an Arbitrary Script File Upload issue that can result in PHP code execution via the admin/index.php/template/upload URI...
Privilege escalation
An issue was discovered in HongCMS 3.0.0. There is an Arbitrary Script File Upload issue that can result in PHP code execution via the admin/index.php/template/upload URI...
CVE-2018-0352
A vulnerability in the Disk Check Tool disk-check.sh for Cisco Wide Area Application Services WAAS Software could allow an authenticated, local attacker to elevate their privilege level to root. The attacker must have valid user credentials with super user privileges level 15 to log in to the...
Mitel Connect ONSITE and Mitel ST conferencing component PHP vulnerability (CNVD-2018-07950)
Mitel Connect ONSITE and Mitel ST are both products of Mitel Corporation of Canada.Mitel Connect ONSITE is a unified communications management appliance.ST is a video conferencing product.conferencing component is one of the components with conferencing capabilities. A security vulnerability exis...
Exploit for CVE-2017-8570
This repository contains a Proof of Concept PoC exploit for CVE-2017-8570, a vulnerability in Microsoft Office that allows an attacker to execute arbitrary code by embedding a malicious script in a Rich Text Format RTF file. The exploit uses the "Packager.dll" file-dropping trick to drop a ".sct"...
DomainSale PHP Script SQL Injection Vulnerability
DomainSale PHP Script is a set of scripts for online domain name selling websites based on PHP and MySQL. A SQL injection vulnerability exists in DomainSale PHP Script version 1.0. The vulnerability can be exploited by remote attackers to inject SQL commands by sending the 'id' parameter to the...
Rspamd Cross-Site Scripting Vulnerability
Rspamd is a fast spam filtering system. The system evaluates and filters spam through regular expressions, statistical analysis and blacklists. A cross-site scripting vulnerability exists in the interface/js/app/history.js file of the WebUI in versions of Rspamd prior to 1.6.3. A remote attacker...
FineCMS SQL Injection Vulnerability (CNVD-2017-15546)
FineCMS is a content management system CMS developed using MVC architecture and PDO database interface. An SQL injection vulnerability exists in FineCMS versions 2017-07-12 and earlier. The vulnerability can be exploited by an attacker to obtain data from the database with the help of the...
Cisco Policy Suite Privilege Escalation Vulnerability
A vulnerability in a script file that is installed as part of the Cisco Policy Suite CPS Software distribution for the CPS appliance could allow an authenticated, local attacker to escalate their privilege level to root. The vulnerability is due to incorrect sudoers permissions on the script file...
Hardcoded credentials
Nagios 4.3.2 and earlier allows local users to gain root privileges via a hard link attack on the Nagios init script file, related to CVE-2016-8641...
CSRF vulnerability in the latest version of beecms
beecms is an enterprise website management system based on PHP+Mysql architecture. The latest version of beecms has a CSRF vulnerability. Due to the failure of the add administrator form in the background to protect the token, adminadmin.php 102 lines to start processing add administrator, failed...
Drupal Module CODER 2.5 - Remote Command Execution (Metasploit)
Exploit for php platform in category web applications This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Drupal CODER Module Remote Command Execution', 'Description' = %q This module exploits a...
Kovter becomes almost file-less, creates a new file type, and gets some new certificates
Trojan:Win32/Kovter is a well-known click-fraud malware which is challenging to detect and remove because of its file-less persistence on infected PCs. In this blog, we will share some technical details about the latest changes we have seen in Kovter’s persistence method and some updates on their...
Drupal CODER Module Remote Command Execution
This module exploits a Remote Command Execution vulnerability in the Drupal CODER Module. Unauthenticated users can execute arbitrary commands under the context of the web server user. The CODER module doesn't sufficiently validate user inputs in a script file that has the PHP extension. A...