54 matches found

CVE
added 2022/01/24 12:26 p.m., 44 views

CVE-2021-44981

CVE-2021-44981 affects QuickBox Pro v2.5.8 and earlier. The config.php variable accepts a GET parameter and is parsed into shell_exec(''); without proper sanitization, enabling remote code execution. The media server runs as root by default, allowing an attacker to use sudo within that shell_exec...

CVSS 9 | AI score 9.3 | EPSS 0.07064
Exploits 1 | References 2 | Affected Software 1

OSV
added 2021/09/17 6:15 p.m., 17 views

CVE-2021-41326

In MISP before 2.4.148, app/Lib/Export/OpendataExport.php mishandles parameter data that is used in a shell_exec call...

CVSS 9.8 | AI score 6.8
Exploits 0 | References 3

NVD
added 2021/09/17 6:15 p.m., 8 views

CVE-2021-41326

In MISP before 2.4.148, app/Lib/Export/OpendataExport.php mishandles parameter data that is used in a shell_exec call...

CVSS 9.8 | EPSS 0.00252
Exploits 0 | References 3

Cvelist
added 2021/09/17 12:0 a.m., 16 views

CVE-2021-41326

In MISP before 2.4.148, app/Lib/Export/OpendataExport.php mishandles parameter data that is used in a shell_exec call...

AI score 9.7 | EPSS 0.00252
Exploits 0 | References 3

Metasploit
added 2021/02/13 5:42 p.m., 83 views

Klog Server authenticate.php user Unauthenticated Command Injection

This module exploits an unauthenticated command injection vulnerability in Klog Server versions 2.4.1 and prior. The authenticate.php file uses the user HTTP POST parameter in a call to the shell_exec PHP function without appropriate input validation, allowing arbitrary command execution as the...

CVSS 10 | AI score 9.9 | EPSS 0.89753
Exploits 8

Packet Storm
added 2021/02/01 12:0 a.m., 208 views

Klog Server 2.4.1 Command Injection

Exploit Title: Klog Server 2.4.1 - Command Injection Authenticated Date: 26.01.2021 Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://www.klogserver.com/ Version: 2.4.1 Description: https://docs.unsafe-inline.com/0day/klog-server-authenticated-command-injection CVE: 2021-3317 """...

AI score 8.9 | EPSS 0.25512
Exploits 3

NVD
added 2021/01/26 11:15 p.m., 13 views

CVE-2021-3317

KLog Server through 2.4.1 allows authenticated command injection. async.php calls shell_exec on the original value of the source parameter...

CVSS 8.8 | AI score 9 | EPSS 0.25512
Exploits 3 | References 2

Prion
added 2021/01/26 11:15 p.m., 13 views

Command injection

KLog Server through 2.4.1 allows authenticated command injection. async.php calls shell_exec on the original value of the source parameter...

CVSS 6.5 | AI score 8.9 | EPSS 0.25512
Exploits 3 | References 2 | Affected Software 1

CVE
added 2021/01/26 10:33 p.m., 82 views

CVE-2021-3317

KLog Server up to version 2.4.1 is affected by an authenticated command injection vulnerability. The issue arises in async.php, where the source parameter is passed to shell_exec() without proper input validation, allowing an attacker with valid credentials to execute arbitrary commands on the se...

CVSS 8.8 | AI score 8.9 | EPSS 0.25512
Exploits 3 | References 2 | Affected Software 1

0day.today
added 2020/07/23 12:0 a.m., 703 views

Online Book Store 1.0 Code Execution Exploit

Exploit for php platform in category web applications !/usr/bin/env python3 Exploit Title: Online Book Store 1.0 - Unauthenticated Remote Code Execution modified by cesgami Exploit Author: Tib3rius Vendor Homepage:...

AI score 7.4
Exploits 0

Tenable Nessus
added 2020/06/26 12:0 a.m., 46 views

PHP 7.3.x < 7.3.17 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is prior to 7.2.30, 7.3.x prior to 7.3.17, or 7.4.x prior to 7.4.5. It is, therefore, affected by multiple vulnerabilities: - An out-of-bounds read error exists in urldecode due to improper data validation checks. An...

CVSS 7.5 | AI score 7.8 | EPSS 0.08994
Exploits 1 | References 2

Tenable Nessus
added 2020/06/26 12:0 a.m., 37 views

PHP 7.2.x < 7.2.30 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is prior to 7.2.30, 7.3.x prior to 7.3.17, or 7.4.x prior to 7.4.5. It is, therefore, affected by multiple vulnerabilities: - An out-of-bounds read error exists in urldecode due to improper data validation checks. An...

CVSS 7.5 | AI score 7.8 | EPSS 0.08994
Exploits 1 | References 2

Packet Storm
added 2020/06/22 12:0 a.m., 270 views

Student Enrollment 1.0 Remote Code Execution

Exploit Title: Student Enrollment 1.0 - Unauthenticated Remote Code Execution Date: 2020-06-22 Exploit Author: Selim Enes 'Enesdex' Karaduman Vendor Homepage: https://www.sourcecodester.com/php/14281/online-student-enrollment-system-using-phpmysqli.html Version: 1.0 Tested on: Windows 10 /...

AI score 0.1
Exploits 0

Tenable Nessus
added 2020/04/23 12:0 a.m., 168 views

PHP 7.2.x < 7.2.30 Multiple Vulnerabilities

According to its self-reported version number, the version of PHP running on the remote web server is 7.2.x prior to 7.2.30. It is, therefore, affected by multiple vulnerabilities: - An out-of-bounds read error exists in urldecode due to improper data validation checks. An attacker can exploit...

CVSS 7.5 | AI score 6.6 | EPSS 0.08994
Exploits 1 | References 4

Packet Storm
added 2019/09/24 12:0 a.m., 979 views

vBulletin 5.x Pre-Auth Remote Code Execution

!/usr/bin/python vBulletin 5.x 0day pre-auth RCE exploit This should work on all versions from 5.0.0 till 5.5.4 Google Dorks: - site:.vbulletin.net - "Powered by vBulletin Version 5.5.4" import requests import sys if lensys.argv != 2: sys.exit"Usage: %s " % sys.argv0 params =...

AI score 0.2
Exploits 0

exploitpack
added 2018/10/15 12:0 a.m., 34 views

FLIR AX8 Thermal Camera 1.32.16 - Remote Code Execution

FLIR AX8 Thermal Camera 1.32.16 - Remote Code Execution Exploit Title: FLIR AX8 Thermal Camera 1.32.16 - Remote Code Execution Author: Gjoko 'LiquidWorm' Krstic @zeroscience Date: 2018-10-14 Vendor: FLIR Systems, Inc. Product web page: https://www.flir.com Affected version: Firmware: 1.32.16,...

AI score 0.3
Exploits 0

Exploit DB
added 2018/10/15 12:0 a.m., 554 views

FLIR AX8 Thermal Camera 1.32.16 - Remote Code Execution

Exploit Title: FLIR AX8 Thermal Camera 1.32.16 - Remote Code Execution Author: Gjoko 'LiquidWorm' Krstic @zeroscience Date: 2018-10-14 Vendor: FLIR Systems, Inc. Product web page: https://www.flir.com Affected version: Firmware: 1.32.16, 1.17.13, OS: necov1.8-0-g7ffe5b3, Hardware: Flir Systems Ne...

AI score 7.4
Exploits 0

exploitpack
added 2017/03/27 12:0 a.m., 30 views

EyesOfNetwork (EON) 5.0 - Remote Code Execution

EyesOfNetwork EON 5.0 - Remote Code Execution CVE-2017-6087 EON 5.0 Remote Code Execution Description EyesOfNetwork "EON" is an OpenSource network monitoring solution. Remote Code Execution authenticated The Eonweb code does not correctly filter arguments, allowing authenticated users to execute...

CVSS 6.5 | AI score 0.2 | EPSS 0.05768
Exploits 6

Prion
added 2017/01/28 12:59 p.m., 13 views

Command injection

The Sophos Web Appliance version 4.2.1.3 is vulnerable to two Remote Command Injection vulnerabilities affecting its web administrative interface. These vulnerabilities occur in the MgrReport.php /controllers/MgrReport.php component responsible for blocking and unblocking IP addresses from...

CVSS 9 | AI score 7.8 | EPSS 0.06751
Exploits 6 | References 4 | Affected Software 1

Prion
added 2014/07/07 2:55 p.m., 25 views

Design/Logic Flaw

The (1) shell_exec function in lib/util/MiqSshUtilV1.rb and (2) tempcmdfile function in lib/util/MiqSshUtilV2.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 allow local users to execute arbitrary commands via a symlink attack on a temporary file with a predictable name...

CVSS 6.9 | AI score 7.5 | EPSS 0.00176
Exploits 0 | References 3 | Affected Software 1