PT-2024-13859 · Rengine · Rengine
Name of the Vulnerable Software and Affected Versions: reNgine versions prior to 2.1.2 Description: The issue allows OS Command Injection if an adversary has a valid session ID. The attack involves placing shell metacharacters in an "api/tools/waf detector/?url=" string. The commands are executed...