Lucene search
K

31246 matches found

Cvelist
Cvelist
added 2026/02/03 4:52 p.m.28 views

CVE-2020-37116 GUnet OpenEclass 1.7.3 E-learning platform - phpMyAdmin Remote Access

GUnet OpenEclass 1.7.3 includes phpMyAdmin 2.10.0.2 by default, which allows remote logins. Attackers with access to the platform can remotely access phpMyAdmin and, after uploading a shell, view the config.php file to obtain the MySQL password, leading to full database compromise...

8.8CVSS0.00415EPSS
Exploits1References4
CVE
CVE
added 2026/02/03 4:52 p.m.13 views

CVE-2020-37116

GUnet OpenEclass 1.7.3 ships with phpMyAdmin 2.10.0.2 by default, enabling remote login. If an attacker gains platform access, they can reach phpMyAdmin, upload a shell, and view the config.php to obtain the MySQL password, enabling full database compromise. The provided documents do not specify ...

8.8CVSS5.5AI score0.00415EPSS
Exploits1References4Affected Software1
EUVD
EUVD
added 2026/02/03 4:52 p.m.8 views

EUVD-2020-30979

GUnet OpenEclass 1.7.3 includes phpMyAdmin 2.10.0.2 by default, which allows remote logins. Attackers with access to the platform can remotely access phpMyAdmin and, after uploading a shell, view the config.php file to obtain the MySQL password, leading to full database compromise...

8.8CVSS5.5AI score0.00415EPSS
Exploits1References4
EUVD
EUVD
added 2026/02/03 4:52 p.m.7 views

EUVD-2020-30982

GUnet OpenEclass 1.7.3 allows authenticated users to bypass file extension restrictions when uploading files. By renaming a PHP file to .php3 or .PhP, an attacker can upload a web shell and execute arbitrary code on the server. This vulnerability enables remote code execution by bypassing the...

8.8CVSS6.9AI score0.00781EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/02/03 4:52 p.m.4 views

CVE-2020-37113 GUnet OpenEclass 1.7.3 E-learning platform - File Upload Extension Bypass

GUnet OpenEclass 1.7.3 allows authenticated users to bypass file extension restrictions when uploading files. By renaming a PHP file to .php3 or .PhP, an attacker can upload a web shell and execute arbitrary code on the server. This vulnerability enables remote code execution by bypassing the...

8.8CVSS6.9AI score0.00781EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/02/03 4:52 p.m.4 views

CVE-2020-37113

GUnet OpenEclass 1.7.3 allows authenticated users to bypass file extension restrictions when uploading files. By renaming a PHP file to .php3 or .PhP, an attacker can upload a web shell and execute arbitrary code on the server. This vulnerability enables remote code execution by bypassing the...

8.8CVSS6.9AI score0.00781EPSS
Exploits1References4
CVE
CVE
added 2026/02/03 4:52 p.m.16 views

CVE-2020-37113

GUnet OpenEclass 1.7.3 is affected by a file upload extension bypass vulnerability. Authenticated users can rename a PHP file to .php3 or .PhP to bypass the exercise submission file-type checks, upload a web shell, and achieve remote code execution on the server. This is documented across CVE-202...

8.8CVSS6.9AI score0.00781EPSS
Exploits1References4Affected Software1
GithubExploit
GithubExploit
added 2026/02/03 12:45 p.m.137 views

Linux-Usermode-Exploitation-101

Linux Usermode Exploitation 101 Introduction The aim of th...

5.8AI score
Exploits0
RedHat Linux
RedHat Linux
added 2026/02/03 7:4 a.m.6 views

openssh: potential command injection via shell metacharacters

A flaw was found in OpenSSH. In certain circumstances, a remote attacker may be able to execute arbitrary OS commands by using expansion tokens, such as %u or %h, with user names or host names that contain shell metacharacters...

6.5CVSS7.6AI score0.19753EPSS
Exploits7References4
RedHat Linux
RedHat Linux
added 2026/02/03 7:4 a.m.12 views

Moderate: Red Hat Security Advisory: openssh security update

An update for openssh is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

6.5CVSS7.1AI score0.19753EPSS
Exploits9References4
RedHat Linux
RedHat Linux
added 2026/02/03 7:4 a.m.5 views

openssh: OpenSSH: Null character in ssh:// URI can lead to code execution via ProxyCommand

A flaw was found in OpenSSH where the SSH client accepted \0 null characters in ssh:// URIs. When a ProxyCommand is configured, these characters could alter how the command is parsed, potentially leading to code execution depending on how the proxy is set up...

3.6CVSS6.7AI score0.00114EPSS
Exploits0References7
OSV
OSV
added 2026/02/03 6:15 a.m.4 views

CVE-2025-58381

A vulnerability in Brocade Fabric OS before 9.2.1c2 could allow an authenticated attacker with admin privileges using the shell commands “source, ping6, sleep, disown, wait to modify the path variables and move upwards in the directory structure or to traverse to different directories...

2.3CVSS5.8AI score0.00179EPSS
Exploits0References1
NVD
NVD
added 2026/02/03 6:15 a.m.5 views

CVE-2025-58381

A vulnerability in Brocade Fabric OS before 9.2.1c2 could allow an authenticated attacker with admin privileges using the shell commands “source, ping6, sleep, disown, wait to modify the path variables and move upwards in the directory structure or to traverse to different directories...

4.6CVSS0.00179EPSS
Exploits0References1
CVE
CVE
added 2026/02/03 5:40 a.m.12 views

CVE-2025-58381

CVE-2025-58381 affects Brocade Fabric OS prior to 9.2.1c2. An authenticated admin can use shell commands (source, ping6, sleep, disown, wait) to modify path variables and traverse directories (directory transversal). Public docs consistently name Brocade Fabric OS and versions up to 9.2.1c2 as af...

4.6CVSS5.5AI score0.00179EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/03 5:40 a.m.3 views

CVE-2025-58381 Directory transversal vulnerability in Brocade Fabric OS before 9.2.1c2 and 9.2.2 through 9.2.2a using various shell commands

A vulnerability in Brocade Fabric OS before 9.2.1c2 could allow an authenticated attacker with admin privileges using the shell commands “source, ping6, sleep, disown, wait to modify the path variables and move upwards in the directory structure or to traverse to different directories...

4.6CVSS7.8AI score0.00179EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/03 5:5 a.m.4 views

CVE-2025-58380

A vulnerability in Brocade Fabric OS before 9.2.1 could allow an authenticated attacker with admin privileges using the shell command “grep” to modify the path variables and move upwards in the directory structure or to traverse to different directories...

4.6CVSS5.4AI score0.00179EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/02/03 4:15 a.m.3 views

CVE-2026-0383

A vulnerability in Brocade Fabric OS could allow an authenticated, local attacker with privileges to access the Bash shell to access insecurely stored file contents including the history command...

7.8CVSS5.8AI score0.00198EPSS
Exploits0References1
NVD
NVD
added 2026/02/03 4:15 a.m.14 views

CVE-2026-0383

A vulnerability in Brocade Fabric OS could allow an authenticated, local attacker with privileges to access the Bash shell to access insecurely stored file contents including the history command...

8.2CVSS0.00198EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/03 3:55 a.m.27 views

CVE-2026-0383 Information disclosure in Brocade Fabric OS before 9.2.1c2, 9.2.2 through 9.2.2a and 10.0.0

A vulnerability in Brocade Fabric OS could allow an authenticated, local attacker with privileges to access the Bash shell to access insecurely stored file contents including the history command...

8.2CVSS0.00198EPSS
Exploits0References1
EUVD
EUVD
added 2026/02/03 3:55 a.m.10 views

EUVD-2026-5262

A vulnerability in Brocade Fabric OS could allow an authenticated, local attacker with privileges to access the Bash shell to access insecurely stored file contents including the history command...

8.2CVSS5.4AI score0.00198EPSS
Exploits0References1
Rows per page
Query Builder