7 matches found
EUVD-2021-1979
Malware in sbrugna...
EUVD-2022-34392
Malicious code in bioql PyPI...
CVE-2021-38557
raspap-webgui in RaspAP 2.6.6 allows attackers to execute commands as root because of the insecure sudoers permissions. The www-data account can execute /etc/raspap/hostapd/enablelog.sh as root with no password; however, the www-data account can also overwrite /etc/raspap/hostapd/enablelog.sh wit...
CVE-2020-10384
An issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software in all versions through 2.6.1. There is a local privilege escalation from the www-data account to the root account...
CVE-2021-38557
raspap-webgui in RaspAP 2.6.6 allows attackers to execute commands as root because of the insecure sudoers permissions. The www-data account can execute /etc/raspap/hostapd/enablelog.sh as root with no password; however, the www-data account can also overwrite /etc/raspap/hostapd/enablelog.sh wit...
MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 Privilege Management Error Vulnerability
Mb Connect Line MB CONNECT LINE mymbCONNECT24 is an in-house remote maintenance solution for virtual environments from MB CONNECT LINE Mb Connect Line, Germany. A privilege management error vulnerability exists in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24, which can be exploited by an attacke...
Basilic diff.php Arbitrary Command Execution (CVE-2012-3399)
The vulnerability is due to lack of input verification in the affected function A remote attacker can exploit this issue by sending a specially crafted script to the target. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands as the www-data...