26 matches found
Remote code execution
USVN aka User-friendly SVN before 1.0.9 allows remote code execution via shell metacharacters in the numberstart or numberend parameter to LastHundredRequest aka lasthundredrequestAction in the Timeline module. NOTE: this may overlap CVE-2020-25069...
CVE-2020-17363
USVN aka User-friendly SVN before 1.0.9 allows remote code execution via shell metacharacters in the numberstart or numberend parameter to LastHundredRequest aka lasthundredrequestAction in the Timeline module. NOTE: this may overlap CVE-2020-25069...
USVN Operating System Command Injection Vulnerability
USVN is a Php-based software for configuring Subversion by the USVN team. A security vulnerability exists in versions prior to USVN 1.0.9 that allows remote code execution via shell metacharacters in the start-of-number or end-of-number parameter to lastthunderdredrequest aka...
Drupal Ajax Timeline Module Cross-Site Scripting Vulnerability
Drupal is a free, open-source content management system developed in the PHP language and maintained by the Drupal community. A cross-site scripting vulnerability exists in the Drupal Ajax Timeline module due to the program failing to properly filter user-supplied input. An attacker could use thi...
WordPress Plugin Facebook Survey 1.0 - SQL Injection
Title: ====== Wordpress Facebook Survey v1 - SQL Injection Vulnerability Date: ===== 2012-11-18 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=766 VL-ID: ===== 766 Common Vulnerability Scoring System: ==================================== 8.5 Introduction: =============...
WordPress Plugin Facebook Survey 1.0 - SQL Injection
WordPress Plugin Facebook Survey 1.0 - SQL Injection Title: ====== Wordpress Facebook Survey v1 - SQL Injection Vulnerability Date: ===== 2012-11-18 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=766 VL-ID: ===== 766 Common Vulnerability Scoring System:...