73 matches found
CVE-2018-9246
The PGObject::Util::DBAdmin module before 0.120.0 for Perl, as used in LedgerSMB through 1.5.x, insufficiently sanitizes or escapes variable values used as part of shell command execution, resulting in shell code injection via the create, runfile, backup, or restore function. The vulnerability...
Code injection
The PGObject::Util::DBAdmin module before 0.120.0 for Perl, as used in LedgerSMB through 1.5.x, insufficiently sanitizes or escapes variable values used as part of shell command execution, resulting in shell code injection via the create, runfile, backup, or restore function. The vulnerability...
CVE-2018-9246
The PGObject::Util::DBAdmin module before 0.120.0 for Perl, as used in LedgerSMB through 1.5.x, insufficiently sanitizes or escapes variable values used as part of shell command execution, resulting in shell code injection via the create, runfile, backup, or restore function. The vulnerability...
CVE-2018-9246
The PGObject::Util::DBAdmin module before 0.120.0 for Perl, as used in LedgerSMB through 1.5.x, insufficiently sanitizes or escapes variable values used as part of shell command execution, resulting in shell code injection via the create, runfile, backup, or restore function. The vulnerability...
CVE-2018-9246
The PGObject::Util::DBAdmin module before 0.120.0 for Perl, as used in LedgerSMB through 1.5.x, insufficiently sanitizes or escapes variable values used as part of shell command execution, resulting in shell code injection via the create, runfile, backup, or restore function. The vulnerability...
CVE-2018-9246
The CVE-2018-9246 issue affects the PGObject::Util::DBAdmin Perl module prior to 0.120.0, used in LedgerSMB up to 1.5.x. It inadequately sanitizes/escapes variables used in shell commands, enabling shell code injection via create(), run_file(), backup(), or restore(). This allows an attacker to e...
PGObject::Util::DBAdmin shell code injection vulnerability
LedgerSMB is an open source ERP, financial management system written and maintained by software developer Dieter Simader. The system is a branch of SQL-Ledger financial management software.PGObject::Util::DBAdmin is one of the modules used to manage PGObject. A security vulnerability exists in...
MGASA-2013-0261 Updated xpdf packages fixes security vulnerability
PDF files could be used to inject shell code when xpdf was run from some terminal emulators, due to the use of escape sequences in error messages CVE-2012-2142...
openshift-origin-node-util: restorer.php preg_match shell code injection
node-util/www/html/restorer.php in the Red Hat OpenShift Origin before 1.0.5-3 allows remote attackers to execute arbitrary commands via a crafted uuid in the PATHINFO...
the web leaving the back door-vulnerability warning-the black bar safety net
First: In the administrator backend login screen to hide our Backdoor, it is relatively safe Because the administrator of the inlet is not often traded, as long as his login screen on our back door just in! Of course, you also can be flexibly inserted into the other file, as long as this file is...
Ubuntu 4.10 / 5.04 / 5.10 : openssh vulnerability (USN-255-1)
Tomas Mraz discovered a shell code injection flaw in scp. When doing local-to-local or remote-to-remote copying, scp expanded shell escape characters. By tricking an user into using scp on a specially crafted file name which could also be caught by using an innocuous wild card like '', an attacke...
USN-255-1: openssh vulnerability
Tomas Mraz discovered a shell code injection flaw in scp. When doing local-to-local or remote-to-remote copying, scp expanded shell escape characters. By tricking an user into using scp on a specially crafted file name which could also be caught by using an innocuous wild card like '', an attacke...
Дыра в kicq / licq
Можно вставить шелл-код в URL...