CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2017-0187

Malware in sbrugna...

7.5CVSS6.3AI score0.00977EPSS

Exploits0References9

RedhatCVE•added 2025/05/22 11:20 a.m.•4 views

CVE-2013-1898

lib/thumbshooter.rb in the Thumbshooter 0.1.5 gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a URL...

7.5CVSS8AI score0.00977EPSS

Exploits0References1

Github Security Blog•added 2017/10/24 6:33 p.m.•26 views

Thumbshooter vulnerable to Code Injection

lib/thumbshooter.rb in the Thumbshooter 0.1.5 gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a URL...

7.5CVSS7.9AI score0.00977EPSS

Exploits0References7Affected Software1

OSV•added 2017/10/24 6:33 p.m.•11 views

GHSA-7FQJ-CG79-F2PV Thumbshooter vulnerable to Code Injection

lib/thumbshooter.rb in the Thumbshooter 0.1.5 gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a URL...

7.5CVSS7.5AI score0.00977EPSS

Exploits0References7

NVD•added 2013/04/09 8:55 p.m.•10 views

CVE-2013-1898

lib/thumbshooter.rb in the Thumbshooter 0.1.5 gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a URL...

7.5CVSS7.6AI score0.00977EPSS

Exploits0References5

Prion•added 2013/04/09 8:55 p.m.•12 views

Code injection

lib/thumbshooter.rb in the Thumbshooter 0.1.5 gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a URL...

7.5CVSS8.2AI score0.00977EPSS

Exploits0References5Affected Software1

Cvelist•added 2013/04/09 8:0 p.m.•15 views

CVE-2013-1898

lib/thumbshooter.rb in the Thumbshooter 0.1.5 gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a URL...

7.6AI score0.00977EPSS

Exploits0References5

CVE•added 2013/04/09 8:0 p.m.•81 views

CVE-2013-1898

CVE-2013-1898 affects the Ruby Thumbshooter gem (version 0.1.5) via thumbshooter.rb. The flaw is an input sanitization issue where a URL containing shell metacharacters enables a remote attacker to execute arbitrary commands. The vulnerability arises from insufficient sanitization of URL input, a...

7.5CVSS7.9AI score0.00977EPSS

Exploits0References5Affected Software1

seebug.org•added 2013/03/27 12:0 a.m.•9 views

RubyGems 'thumbshooter'远程命令执行漏洞

BUGTRAQ ID: 58706 RubyGems thumbshooter可以通过webkit和qt4创建thumbshots网站。 thumbshooter因未对用户输入进行充分检查而致使存在命令执行漏洞，攻击者成功利用后可在受影响应用中执行任意命令。 0 rubygems thumbshooter 厂商补丁： rubygems -------- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://rubygems.org/gems/thumbshooter 1012 command "xvfb-run -a...

6.9AI score

Exploits0

Packet Storm•added 2013/03/27 12:0 a.m.•23 views

Ruby Thumbshooter Gem 0.1.5 Remote Command Execution

Ruby gem Thumbshooter 0.1.5 remote command execution 3/25/2013 Generates thumbshots of URLs by using Webkit and QT4. https://github.com/digineo/thumbshooter Specially crafted URLs can result in remote code execution if the URL contains shell metacharacters. We see that the url is passed directly ...

0.3AI score

Exploits0

RubySec•added 2013/03/26 12:0 a.m.•11 views

Thumbshooter Gem for Ruby thumbshooter.rb URL Shell Metacharacter Injection Arbitrary Command Execution

Thumbshooter Gem for Ruby contains a flaw that is due to the program failing to properly sanitize input passed to thumbshooter.rb. With a specially crafted URL that contains shell metacharacters, a context-dependent attacker can execute arbitrary commands...

7.5CVSS6.8AI score0.00977EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by