CVE-2024-38288

A command-injection issue in the Certificate Signing Request CSR functionality in R-HUB TurboMeeting through 8.x allows authenticated attackers with administrator privileges to execute arbitrary commands on the underlying server as root...

CVE-2024-38288

CVE-2024-38288 affects R-HUB TurboMeeting (through 8.x). The CSR feature in the admin portal is vulnerable to command injection, allowing authenticated administrators to run arbitrary OS commands on the server with root privileges. Documents confirm post-auth exploitation details in Nuclei templa...

CVE-2019-20155

An issue was discovered in reportedit.jsp in Determine formerly Selectica Contract Lifecycle Management CLM v5.4. Any authenticated user may execute Groovy code when generating a report, resulting in arbitrary code execution on the underlying server...

SquirrelMail PGP Plugin - Command Execution (SMTP) (Metasploit)

$Id: squirrelmailpgpplugin.rb 10148 2010-08-25 20:31:46Z egypt $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...