14 matches found
Trixbox 2.8.0.4 Remote Code Execution
Exploit Title: Trixbox 2.8.0.4 - 'lang' Remote Code Execution Unauthenticated Date: 27.05.2021 Exploit Author: Ron Jost Hacker5preme Credits to: https://secur1tyadvisory.wordpress.com/2018/02/11/trixbox-os-command-injection-vulnerability-cve-2017-14535/ Credits to: Sachin Wagh Vendor Homepage:...
Trixbox 2.8.0.4 - (lang) Path Traversal Exploit
Exploit Title: Trixbox 2.8.0.4 - 'lang' Path Traversal Exploit Author: Ron Jost Hacker5preme Credits to: https://secur1tyadvisory.wordpress.com/2018/02/13/trixbox-multiple-path-traversal-vulnerabilities-cve-2017-14537/ Credits to: Sachin Wagh Vendor Homepage:...
Trixbox 2.8.0.4 - 'lang' Remote Code Execution (Unauthenticated)
Exploit Title: Trixbox 2.8.0.4 - 'lang' Remote Code Execution Unauthenticated Date: 27.05.2021 Exploit Author: Ron Jost Hacker5preme Credits to: https://secur1tyadvisory.wordpress.com/2018/02/11/trixbox-os-command-injection-vulnerability-cve-2017-14535/ Credits to: Sachin Wagh Vendor Homepage:...
Trixbox 2.8.0.4 - 'lang' Path Traversal
Exploit Title: Trixbox 2.8.0.4 - 'lang' Path Traversal Date: 27.05.2021 Exploit Author: Ron Jost Hacker5preme Credits to: https://secur1tyadvisory.wordpress.com/2018/02/13/trixbox-multiple-path-traversal-vulnerabilities-cve-2017-14537/ Credits to: Sachin Wagh Vendor Homepage:...
CVE-2017-14535
trixbox 2.8.0.4 has OS command injection via shell metacharacters in the lang parameter to /maint/modules/home/index.php...
Command injection
trixbox 2.8.0.4 has OS command injection via shell metacharacters in the lang parameter to /maint/modules/home/index.php...
CVE-2017-14537
trixbox 2.8.0.4 has path traversal via the xajaxargs array parameter to /maint/index.php?packages or the lang parameter to /maint/modules/home/index.php...
CVE-2017-14535
trixbox 2.8.0.4 has OS command injection via shell metacharacters in the lang parameter to /maint/modules/home/index.php...
Path traversal
trixbox 2.8.0.4 has path traversal via the xajaxargs array parameter to /maint/index.php?packages or the lang parameter to /maint/modules/home/index.php...
CVE-2017-14536
trixbox 2.8.0.4 has XSS via the PATHINFO to /maint/index.php or /user/includes/language/langChooser.php...
Code injection
trixbox 2.8.0.4 has XSS via the PATHINFO to /maint/index.php or /user/includes/language/langChooser.php...
CVE-2017-14535
trixbox 2.8.0.4 has OS command injection via shell metacharacters in the lang parameter to /maint/modules/home/index.php...
CVE-2017-14536
trixbox 2.8.0.4 has XSS via the PATHINFO to /maint/index.php or /user/includes/language/langChooser.php...
Trixbox 2.8.0.4 Cross Site Scripting
Exploit Title: Trixbox 2.8.0.4 XSS Exploit Date: 07/04/2014 Exploit Author: Daniel Moreno a.k.a W1ckerMan Vendor Homepage: http://sourceforge.net/projects/asteriskathome/ Version: 2.8.0.4 This exploit needs authentication...