35 matches found
EUVD-2020-17762
Malware in sbrugna...
EUVD-2007-5915
Malware in sbrugna...
CVE-2020-17363
USVN aka User-friendly SVN before 1.0.9 allows remote code execution via shell metacharacters in the numberstart or numberend parameter to LastHundredRequest aka lasthundredrequestAction in the Timeline module. NOTE: this may overlap CVE-2020-25069...
CVE-2020-25070
USVN aka User-friendly SVN before 1.0.10 allows CSRF, related to the lack of the SameSite Strict feature...
CVE-2024-37879
Improper input validation in /admin/config/save in User-friendly SVN USVN before v1.0.12 and below allows administrators to execute arbitrary code via the fields "siteTitle", "siteIco" and "siteLogo"...
CVE-2024-37879
CVE-2024-37879 affects User-friendly SVN (USVN) prior to v1.0.12. The issue is due to improper input validation in the /admin/config/save endpoint, allowing an administrator to execute arbitrary code via the fields: siteTitle, siteIco, and siteLogo. Impact is described as arbitrary code execution...
PT-2024-27805 · Usvn · Usvn
Name of the Vulnerable Software and Affected Versions: User-friendly SVN USVN versions prior to 1.0.12 Description: The issue is related to improper input validation in the /admin/config/save endpoint, allowing administrators to execute arbitrary code via the fields siteTitle, siteIco, and...
USVN Remote Code Execution (CVE-2020-17363)
A remote code execution vulnerability exists in USVN. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
CVE-2020-17363
USVN aka User-friendly SVN before 1.0.9 allows remote code execution via shell metacharacters in the numberstart or numberend parameter to LastHundredRequest aka lasthundredrequestAction in the Timeline module. NOTE: this may overlap CVE-2020-25069...
CVE-2020-17363
USVN aka User-friendly SVN before 1.0.9 allows remote code execution via shell metacharacters in the numberstart or numberend parameter to LastHundredRequest aka lasthundredrequestAction in the Timeline module. NOTE: this may overlap CVE-2020-25069...
Remote code execution
USVN aka User-friendly SVN before 1.0.9 allows remote code execution via shell metacharacters in the numberstart or numberend parameter to LastHundredRequest aka lasthundredrequestAction in the Timeline module. NOTE: this may overlap CVE-2020-25069...
CVE-2020-17363
USVN aka User-friendly SVN before 1.0.9 allows remote code execution via shell metacharacters in the numberstart or numberend parameter to LastHundredRequest aka lasthundredrequestAction in the Timeline module. NOTE: this may overlap CVE-2020-25069...
CVE-2020-17363
USVN (PHP web interface for Subversion) is affected by CVE-2020-17363. All versions before 1.0.9 are vulnerable to remote code execution via shell metacharacters in number_start/number_end of LastHundredRequest (Timeline module). Red Hat and CNVD entries corroborate impact up to 1.0.9/1.0.10; exp...
USVN Arbitrary Code Execution Vulnerability
USVN is a web interface written in PHP for configuring Subversion repositories. An arbitrary code execution vulnerability exists in USVN versions prior to 1.0.10. An attacker can exploit this vulnerability to execute arbitrary code in the commit view...
CVE-2020-25070
USVN aka User-friendly SVN before 1.0.10 allows CSRF, related to the lack of the SameSite Strict feature...
CVE-2020-25069
USVN aka User-friendly SVN before 1.0.10 allows attackers to execute arbitrary code in the commit view...
CVE-2020-25069
USVN aka User-friendly SVN before 1.0.10 allows attackers to execute arbitrary code in the commit view...
CVE-2020-25070
USVN aka User-friendly SVN before 1.0.10 allows CSRF, related to the lack of the SameSite Strict feature...
Code injection
USVN aka User-friendly SVN before 1.0.10 allows attackers to execute arbitrary code in the commit view...
CVE-2020-25069
USVN aka User-friendly SVN before 1.0.10 allows attackers to execute arbitrary code in the commit view...