1774 matches found
FreeNAS Remote Shell Command Execution Vulnerability
FreeNAS is prone to a shell-command-execution vulnerability because the application fails to properly sanitize user-supplied input. An attacker can exploit the remote shell-command-execution issue to execute arbitrary shell commands in the context of the webserver process. FreeNAS versions prior ...
FreeNAS Remote Shell Command Execution Vulnerability
FreeNAS is prone to a shell-command-execution vulnerability because the application fails to properly sanitize user-supplied input. An attacker can exploit the remote shell-command-execution issue to execute arbitrary shell commands in the context of the webserver process. FreeNAS versions prior ...
JAF CMS <= 4.0 RC2 Multiple Vulnerabilities
JAF CMS is prone to a shell command execution vulnerability and multiple remote file include vulnerabilities because the application fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and a...
Reverse Shell Applet
Added: 10/10/2010 Background This tool runs an exploit server which delivers a signed java applet, embedded in an HTML page, to the target hosts. The user is presented with a signed digital certificate which, when accepted, establishes a reverse shell connection back to the exploit server. Proble...
CMSQLite 1.2 / CMySQLite 1.3.1 - Remote Code Execution
!/usr/bin/php -q -d shortopentag=on Thanks to rgod for the php code and Natural Killer "; if $argc 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i; $cont++;if $cont==15 $cont=0; $result.="\r\n";...
PH Pexplorer <= 0.4.7.1 (lang.php) Remote Code Execution Exploit
Exploit for php platform in category web applications ================================================================ PH Pexplorer Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : Inj3ct0r.com 0 1 + Support e-mail : submitatinj3ct0r.com 1 0 0 1 1 0 I'm...
ValidForm Builder script - Remote Command Execution
Exploit Title: ValidForm Builder script Remote Command Execution Vulnerability Date: 2010/07/23 Author: HackeR aRaR Email: [email protected] My Sites : www.vbspiders.com Script home: http://www.phpgalleryscript.org download Script: http://validformbuilder.googlecode.com/files/validformbuilderv.1.0.z...
Joomla Camp26 VisitorData Module Shell Command Injection Vulnerability
No description provided by source. A vulnerability has been discovered in the Camp26 VisitorData module for Joomla, which can be exploited by malicious people to compromise a vulnerable system. Input passed via the "X-Forwarded-For" HTTP header is not properly sanitised before being used as a...
Nagios statuswml.cgi Command Injection
Added: 04/13/2010 CVE: CVE-2009-2288 BID: 35464 OSVDB: 55281 Background Nagios is a network host and service monitoring and management system. Problem The Nagios statuswml.cgi script passes unsanitized data to the ping and traceroute commands, resulting in shell command execution via...
Nagios statuswml.cgi Command Injection
Added: 04/13/2010 CVE: CVE-2009-2288 BID: 35464 OSVDB: 55281 Background Nagios is a network host and service monitoring and management system. Problem The Nagios statuswml.cgi script passes unsanitized data to the ping and traceroute commands, resulting in shell command execution via...
Nagios statuswml.cgi Command Injection
Added: 04/13/2010 CVE: CVE-2009-2288 BID: 35464 OSVDB: 55281 Background Nagios is a network host and service monitoring and management system. Problem The Nagios statuswml.cgi script passes unsanitized data to the ping and traceroute commands, resulting in shell command execution via...
Nagios statuswml.cgi Command Injection
Added: 04/13/2010 CVE: CVE-2009-2288 BID: 35464 OSVDB: 55281 Background Nagios is a network host and service monitoring and management system. Problem The Nagios statuswml.cgi script passes unsanitized data to the ping and traceroute commands, resulting in shell command execution via...
Debian DSA-1990-1 : trac-git - shell command injection
Stefan Goebel discovered that the Debian version of trac-git, the Git add-on for the Trac issue tracking system, contains a flaw which enables attackers to execute code on the web server running trac-git by sending crafted HTTP queries. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
Debian DSA-1891-1 : changetrack - shell command execution
Marek Grzybowski discovered that changetrack, a program to monitor changes to configuration files, is prone to shell command injection via metacharacters in filenames. The behaviour of the program has been adjusted to reject all filenames with metacharacters. %NASLMINLEVEL 70300 C Tenable Network...
[SECURITY] [DSA-1990-1] New trac-git packages fix code execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1990-1 [email protected] http://www.debian.org/security/ Florian Weimer February 03, 2010 http://www.debian.org/security/faq -...
[SECURITY] [DSA-1990-2] New trac-git package fixes regression
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1990-2 [email protected] http://www.debian.org/security/ Stefan Fritsch February 04, 2010 http://www.debian.org/security/faq -...
[SECURITY] [DSA-1990-2] New trac-git package fixes regression
------------------------------------------------------------------------ Debian Security Advisory DSA-1990-2 [email protected] http://www.debian.org/security/ Stefan Fritsch February 04, 2010 http://www.debian.org/security/faq -...
[SECURITY] [DSA-1990-2] New trac-git package fixes regression
------------------------------------------------------------------------ Debian Security Advisory DSA-1990-2 [email protected] http://www.debian.org/security/ Stefan Fritsch February 04, 2010 http://www.debian.org/security/faq -...
SystemTap 'stap-server' Remote Shell Command Injection Vulnerability
This host has SystemTap installed and is prone to Arbitrary Command Execution vulnerability OpenVAS Vulnerability Test $Id: secpodsystemtapshellcmdinjectionvuln.nasl 5401 2017-02-23 09:46:07Z teissa $ SystemTap 'stap-server' Remote Shell Command Injection Vulnerability Authors: Madhuri D Copyrigh...
SystemTap 'stap-server' Remote Shell Command Injection Vulnerability
SystemTap is prone to an arbitrary command execution vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...