1774 matches found

Dsquare
added 2014/05/19 12:0 a.m., 136 views

MediaWiki thumb.php page Parameter Remote Shell Command Injection

MediaWiki contains a flaw that is due to the program failing to properly sanitize input passed via the "page" parameter in the thumb.php script. This may allow a remote attacker to inject arbitrary shell commands. Vulnerability Type: Remote Command Execution. For the exploit source code contact...

6 CVSS, 1.1 AI score, 0.48041 EPSS
Exploits 12, References 2
securityvulns
added 2014/05/15 12:0 a.m., 63 views

[oss-security] OpenFiler - Arbitrary Code Execution & Stored XSS

hi, Multiple vulnerabilities were discovered in the latest version of OpenFiler appliance, 2.99.1 as reported here https://forums.openfiler.com/index.php?/topic/6720-arbitrary-code-execution-stored-xss-vulnerability-in-openfiler-latest-version-2991/, here http://www.exploit-db.com/exploits/33247 a...

0.8 AI score
Exploits 0
Prion
added 2014/05/14 7:55 p.m., 14 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in the events page in the System iNtrusion Analysis and Reporting Environment (SNARE) for Linux agent before 1.7.0 allows remote attackers to inject arbitrary web script or HTML via a logged shell command...

4.3 CVSS, 6.1 AI score, 0.00199 EPSS
Exploits 1, References 2, Affected Software 1
Cvelist
added 2014/05/14 7:0 p.m., 15 views

CVE-2011-5249

Cross-site scripting (XSS) vulnerability in the events page in the System iNtrusion Analysis and Reporting Environment (SNARE) for Linux agent before 1.7.0 allows remote attackers to inject arbitrary web script or HTML via a logged shell command...

6.7 AI score, 0.00199 EPSS
Exploits 1, References 2
securityvulns
added 2014/05/04 12:0 a.m., 57 views

Remote Command Injection in Arabic Prawn 0.0.1 Ruby Gem

Title: Remote Command Injection in Arabic Prawn 0.0.1 Ruby Gem Author: Larry W. Cashdollar, @larry0 Download Site: http://rubygems.org/gems/Arabic-Prawn CVE: 2014-2322 Date: 12/17/2013 In Arabic-Prawn-0.0.1/lib/stringutfsupport.rb, the following lines pass unsanitized input to the shell. 426 var ...

7.5 AI score
Exploits 0
seebug.org
added 2014/03/21 12:0 a.m., 39 views

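WordPress WP-Filebase Download Manager Plugin Arbitrary Code Execution Vulnerability

WordPress is a content management system. Because input passed via the file name during a file upload is not properly filtered before being used in a call to "exec" in classes/Admin.php, an attacker can exploit the vulnerability to execute arbitrary shell commands via a specially crafted HTTP POST. 0 WordPress WP-Filebase Plugin 0.x WordPress WP-Filebase Plugin version 0.3.0.04 fixes this vulnerability; users are advised to download and use it: http://wordpress.org/plugins/wp-filebase/changelog/...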

7.1 AI score
Exploits 0
NVD
added 2014/03/11 1:1 p.m., 17 views

CVE-2014-2321

webshellcmd.gch on ZTE F460 and F660 cable modems allows remote attackers to obtain administrative access via sendcmd requests, as demonstrated by using "set TelnetCfg" commands to enable a TELNET service with specified credentials...

10 CVSS, 6.7 AI score, 0.9201 EPSS
Exploits 1, References 3
0day.today
added 2014/02/02 12:0 a.m., 143 views

MediaWiki <= 1.22.1 PdfHandler Remote Code Execution Exploit

Exploit for multiple platform in category web applications Exploit: 1. upload Longcat.pdf to wikimedia cms site with PDF Handler enabled http://vulnerable-site/index.php/Special:Upload 2. inject os cmd to upload a php-backdoor http://vulnerable-site/thumb.php?f=Longcat.pdf&w=10|echo%20...

6 CVSS, 0.48041 EPSS
Exploits 12
exploitpack
added 2014/02/01 12:0 a.m., 41 views

MediaWiki 1.22.1 PdfHandler - Remote Code Execution

MediaWiki 1.22.1 PdfHandler - Remote Code Execution -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 MediaWiki images/xnz.php 3. access to php-backdoor! http://vulnerable-site/images/xnz.php?1=rm%20-rf%20%2f%20--no-preserve-root 4. happy pwning!! Related files: thumb.php -- extract all GET array to...

6 CVSS, 0.8 AI score, 0.48041 EPSS
Exploits 12
Gentoo Linux
added 2014/01/23 12:0 a.m., 41 views

Zabbix: Shell command injection

Background Zabbix is software for monitoring applications, networks, and servers. Description If a flexible user parameter is configured in Zabbix agent, including a newline in the parameters will execute newline section as a separate command even if UnsafeUserParameters are disabled. Impact A...

7.5 CVSS, 9.6 AI score, 0.01469 EPSS
Exploits 1
Metasploit
added 2014/01/04 12:23 a.m., 38 views

Firefox XPCOM Execute Command

This module runs a shell command on the target OS without touching the disk. On Windows, this command will flash the command prompt momentarily. This can be avoided by setting WSCRIPT to true, which drops a jscript "launcher" to disk that hides the prompt. This module requires Metasploit:...

7.1 AI score
Exploits 0
OpenVAS
added 2013/09/23 12:0 a.m., 71 views

DD-WRT Web Management Interface Remote Arbitrary Shell Command Injection Vulnerability

DD-WRT is prone to a remote command-injection vulnerability because it fails to adequately sanitize user-supplied input data. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

8.3 CVSS, 6.7 AI score, 0.89671 EPSS
Exploits 7, References 4
Tenable Nessus
added 2013/08/19 12:0 a.m., 29 views

CiscoWorks Common Services Home Page Component Unspecified Shell Command Execution

The version of CiscoWorks Common Services installed on the remote Windows host is potentially affected by an arbitrary shell command execution vulnerability. By exploiting this flaw, a remote, authenticated attacker could execute arbitrary commands on the remote host subject to the privileges of...

9 CVSS, 5.9 AI score, 0.27336 EPSS
Exploits 0, References 2
0day.today
added 2013/07/30 12:0 a.m., 22 views

PineApp Mail-SeCure ldapsyncnow.php Arbitrary Command Execution

This Metasploit module exploits a command injection vulnerability on PineApp Mail-SeCure 3.70. The vulnerability exists on the ldapsyncnow.php component, due to the insecure usage of the shell_exec php function. This Metasploit module has been tested successfully on PineApp Mail-SeCure 3.70. This...

7.2 AI score
Exploits 0
Exploit DB
added 2013/06/07 12:0 a.m., 36 views

Asus RT56U 3.0.0.4.360 - Remote Command Injection

Exploit Title: Asus RT56U Remote Command Injection Date: 05/05/2013 Exploit Author: drone @dronesec Vendor Homepage: asus.com Version: = 3.0.0.4.360 latest Device Details: ============== Router information: http://www.asus.com/Networking/RTN56U/ Firmware:...

7 AI score
Exploits 0
0day.today
added 2012/12/15 12:0 a.m., 50 views

TWiki 5.1.2 Command Execution Vulnerability

TWiki versions 4.x and 5.1.0 through 5.1.2 suffer from a remote command execution vulnerability due to an underlying security issue in the Locale::Maketext CPAN module. This security advisory alerts you of a potential security issue with TWiki installations: The %MAKETEXT% TWiki variable allows...

7.2 AI score, 0.81971 EPSS
Exploits 13
Packet Storm
added 2012/12/15 12:0 a.m., 69 views

TWiki 5.1.2 Command Execution

This security advisory alerts you of a potential security issue with TWiki installations: The %MAKETEXT% TWiki variable allows arbitrary shell command execution. The problem is caused by an underlying security issue in the Locale::Maketext CPAN module. Vulnerable Software Version Attack Vectors...

7.5 CVSS, 9.7 AI score, 0.81971 EPSS
Exploits 13
0day.today
added 2012/12/09 12:0 a.m., 19 views

Geany <=1.22 Local Code injection Vulnerability

Geany version Compile Or the shortcut F8, injected code ready. Examples: xpl.c";ls -la" xpl.c";cat /etc/passwd" 0day.today 2018-04-10...

7.6 AI score
Exploits 0
Tenable Nessus
added 2012/11/29 12:0 a.m., 26 views

Fedora 16 : weechat-0.3.8-4.fc16 (2012-18575)

Fix arbitrary code execution due to call of shell when executing command within hook_process. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible...

7.5 CVSS, 6.2 AI score, 0.01972 EPSS
Exploits 0, References 4
Tenable Nessus
added 2012/11/19 12:0 a.m., 15 views

FreeBSD : weechat -- Arbitrary shell command execution via scripts (81826d12-317a-11e2-9186-406186f3d89d)

Sebastien Helleu reports: Untrusted command for function hook_process could lead to execution of commands, because of shell expansions. Workaround with a non-patched version: remove/unload all scripts calling function hook_process for maximum safety. %NASLMINLEVEL 70300 C Tenable Network Security,...

5.6 AI score
Exploits 0, References 3