8 matches found
CVE-2026-27806
Fleet is open source device management software. Prior to 4.81.1, the Orbit agent's FileVault disk encryption key rotation flow on collects a local user's password via a GUI dialog and interpolates it directly into a Tcl/expect script executed via exec.Command"expect", "-c", script. Because the...
CVE-2026-27806
Fleet Orbit is affected prior to version 4.81.1 where the Orbit agent’s FileVault rotation flow collects a local user’s password through a GUI dialog and interpolates it into a Tcl/expect script executed via exec.Command("expect", "-c", script). The password is inserted into a Tcl brace-quoted se...
CVE-2026-27806 Fleet Affected by Local Privilege Escalation via Tcl Command Injection in Orbit
Fleet is open source device management software. Prior to 4.81.1, the Orbit agent's FileVault disk encryption key rotation flow on collects a local user's password via a GUI dialog and interpolates it directly into a Tcl/expect script executed via exec.Command"expect", "-c", script. Because the...
SiteScape Enterprise Forum 7 TCL Injection
No description provided by source. !/usr/bin/env python -- coding: utf-8 -- sitescapesploit.py Copyright 2010 Spencer McIntyre [email protected] This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free...
SiteScape Enterprise Forum 7 TCL Injection
Exploit for cgi platform in category web applications !/usr/bin/env python """ -- coding: utf-8 -- sitescapesploit.py Copyright 2010 Spencer McIntyre This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free...
SiteScape Enterprise Forum 7 - TCL Injection
SiteScape Enterprise Forum 7 - TCL Injection !/usr/bin/env python """ -- coding: utf-8 -- sitescapesploit.py Copyright 2010 Spencer McIntyre This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software...
SiteScape Enterprise Forum 7 - TCL Injection
!/usr/bin/env python """ -- coding: utf-8 -- sitescapesploit.py Copyright 2010 Spencer McIntyre This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, ...
SiteScape Forum TCL injection
Hi, I have following advisory for you. [email protected] SiteScape Forum TCL injection ================================ discovered by [email protected] PRODUCT: SiteScape Forum EXPOSURE: TCL injection SYNOPSIS ======== By URL modification it is possible to insert TCL code into aplication. Accou...