CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Exploit DB•added 2013/06/07 12:0 a.m.•36 views

Asus RT56U 3.0.0.4.360 - Remote Command Injection

Exploit Title: Asus RT56U Remote Command Injection Date: 05/05/2013 Exploit Author: drone @dronesec Vendor Homepage: asus.com Version: = 3.0.0.4.360 latest Device Details: ============== Router information: http://www.asus.com/Networking/RTN56U/ Firmware:...

7AI score

Check Point Advisories•added 2012/09/04 12:0 a.m.•4 views

Digium Asterisk Manager User Shell Command Execution (CVE-2012-2414)

A security bypass vulnerability has been reported in Digium Asterisk...

6.4AI score0.04278EPSS

Tenable Nessus•added 2012/08/06 12:0 a.m.•27 views

Symantec Web Gateway Multiple Script Shell Command Execution (SYM12-011)

The Symantec Web Gateway install on the remote host is affected by a remote shell command execution vulnerability due to its failure to sanitize input to the 'ip' parameter of the 'fromha.php' script. An unauthenticated, remote attacker can exploit this vulnerability to save a random PHP script o...

10CVSS5.9AI score0.06861EPSS

Exploits2References4

exploitpack•added 2011/05/18 12:0 a.m.•12 views

klibc 1.5.2 - DHCP Options Processing Remote Shell Command Execution

klibc 1.5.2 - DHCP Options Processing Remote Shell Command Execution source: https://www.securityfocus.com/bid/47924/info klibc is prone to a shell-command-execution vulnerability because the application fails to properly sanitize user-supplied input. An attacker can exploit this issue to execute...

0.9AI score

OpenVAS•added 2010/11/05 12:0 a.m.•19 views

JAF CMS <= 4.0 RC2 Multiple Vulnerabilities

JAF CMS is prone to a shell command execution vulnerability and multiple remote file include vulnerabilities because the application fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and a...

7.8AI score

Exploits0References5

Saint•added 2010/04/13 12:0 a.m.•34 views

Nagios statuswml.cgi Command Injection

Added: 04/13/2010 CVE: CVE-2009-2288 BID: 35464 OSVDB: 55281 Background Nagios is a network host and service monitoring and management system. Problem The Nagios statuswml.cgi script passes unsanitized data to the ping and traceroute commands, resulting in shell command execution via...

Saint•added 2010/04/13 12:0 a.m.•71 views

Nagios statuswml.cgi Command Injection

Saint•added 2010/04/13 12:0 a.m.•39 views

Nagios statuswml.cgi Command Injection

Saint•added 2010/04/13 12:0 a.m.•39 views

Nagios statuswml.cgi Command Injection

Tenable Nessus•added 2010/02/24 12:0 a.m.•17 views

Debian DSA-1891-1 : changetrack - shell command execution

Marek Grzybowski discovered that changetrack, a program to monitor changes to configuration files, is prone to shell command injection via metacharacters in filenames. The behaviour of the program has been adjusted to reject all filenames with metacharacters. %NASLMINLEVEL 70300 C Tenable Network...

7.2CVSS5.4AI score0.00226EPSS

Exploits1References3

Tenable Nessus•added 2009/11/06 12:0 a.m.•37 views

FreeBSD : typo3 -- multiple vulnerabilities in TYPO3 Core (6693bad2-ca50-11de-8ee8-00215c6a37bb)

TYPO3 develop team reports : Affected versions: TYPO3 versions 4.0.13 and below, 4.1.12 and below, 4.2.9 and below, 4.3.0beta1 and below. SQL injection, Cross-site scripting XSS, Information disclosure, Frame hijacking, Remote shell command execution and Insecure Install Tool authentication/sessi...

8.5CVSS5.4AI score0.01041EPSS

Exploits0References11

FreeBSD•added 2009/10/22 12:0 a.m.•28 views

typo3 -- multiple vulnerabilities in TYPO3 Core

TYPO3 develop team reports: Affected versions: TYPO3 versions 4.0.13 and below, 4.1.12 and below, 4.2.9 and below, 4.3.0beta1 and below. SQL injection, Cross-site scripting XSS, Information disclosure, Frame hijacking, Remote shell command execution and Insecure Install Tool authentication/sessio...

8.5CVSS6.6AI score0.01041EPSS

Exploits0References2

Typo3•added 2009/10/20 12:0 a.m.•13 views

TYPO3 Security Bulletin

Several vulnerabilities have been found in the following third party TYPO3 extensions: Apache Solr Search solr, Random Images maagrandomimage, Flagbit Filebase fbfilebase, freeCap CAPTCHA srfreecap Release Date: Oktober 20, 2009 Please read first: This Collective Security Bulletin CSB is a listin...

7.4AI score

Exploits0Affected Software4

Tenable Nessus•added 2009/07/21 12:0 a.m.•21 views

openSUSE Security Update : jhead (jhead-399)

This update of jhead fixes several security problems : - CVE-2008-4575: buffer overflow in DoCommand - CVE-2008-4639: local symlink attack - CVE-2008-4640: DoCommand allowed deletion of arbitrary files - CVE-2008-4641: execution of arbitrary shell commands in DoCommand %NASLMINLEVEL 70300 C Tenab...

10CVSS6AI score0.02025EPSS

Exploits1References5

seebug.org•added 2009/04/01 12:0 a.m.•63 views

VirtueMart <= 1.1.2 Multiple Remote Vulnerabilities

No description provided by source. Author: Janek Vind "waraxe" Date: 24. January 2009 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-71.html Description of vulnerable software: VirtueMart is an Open Source E-Commerce solution to be used together with a Content Management System CMS...

7.1AI score

Packet Storm•added 2009/04/01 12:0 a.m.•53 views

VirtueMart 1.1.2 SQL Injection / RFI / LFI / XSS

Author: Janek Vind "waraxe" Date: 24. January 2009 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-71.html Description of vulnerable software: VirtueMart is an Open Source E-Commerce solution to be used together with a Content Management System CMS called Joomla! and Mambo. Joomla! an...

0.8AI score