2 matches found
CVE-2019-17270
Yachtcontrol through 2019-10-06: It's possible to perform direct Operating System commands as an unauthenticated user via the "/pages/systemcall.php?command=COMMAND" page and parameter, where COMMAND will be executed and returning the results to the client. Affects Yachtcontrol webservers disclos...
Unspecified vulnerability in Yachtcontrol
Yachtcontrol is a ship navigation system from the Dutch company Yachtcontrol. A security vulnerability exists in Yachtcontrol versions 2019-10-06 and earlier. An attacker could exploit the vulnerability to execute operating system commands...