Security
Headlines
HeadlinesLatestCVEs

Tag

#rce

CVE-2019-19034: AssetExplorer ITAM Solution ServicePacks Readme

Zoho ManageEngine Asset Explorer 6.5 does not validate the System Center Configuration Manager (SCCM) database username when dynamically generating a command to schedule scans for SCCM. This allows an attacker to execute arbitrary commands on the AssetExplorer Server with NT AUTHORITY/SYSTEM privileges.

CVE
Open in Source
#sql#xss#csrf#vulnerability#web#ios#android#mac#windows#google#microsoft#ubuntu#linux#debian#cisco#red_hat#dos#redis#js#git#java#oracle#intel#rce#perl#ldap#samba#ssrf#pdf#vmware#log4j#bios#buffer_overflow#oauth#auth#ssh#telnet#dell#postgres#chrome#firefox#sap#ssl
CVE-2020-10808: Adding Vesta Control Panel Remote Code Execution 0day by mdisec · Pull Request #13094 · rapid7/metasploit-framework

Vesta Control Panel (VestaCP) through 0.9.8-26 allows Command Injection via the schedule/backup Backup Listing Endpoint. The attacker must be able to create a crafted filename on the server, as demonstrated by an FTP session that renames .bash_logout to a .bash_logout' substring followed by shell metacharacters.

CVE-2019-15654: Trustwave Security Advisories

Comba AC2400 devices are prone to password disclosure via a simple crafted /09/business/upgrade/upcfgAction.php?download=true request to the web management server. The request doesn't require any authentication and will lead to saving the DBconfig.cfg file. At the end of the file, the login information is stored in cleartext.

CVE-2019-15656: Security Advisories | Trustwave

D-Link DSL-2875AL and DSL-2877AL devices through 1.00.05 are prone to information disclosure via a simple crafted request to index.asp on the web management server because of username_v and password_v variables.

CVE-2020-7608: Snyk Vulnerability Database | Snyk

yargs-parser could be tricked into adding or modifying properties of Object.prototype using a "__proto__" payload.

CVE-2020-10504: Home

CSRF in admin/edit-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a comment, given the id, via a crafted request.

CVE-2020-10387: Home

Path Traversal in admin/download.php in Chadha PHPKB Standard Multi-Language 9 allows remote attackers to download files from the server using a dot-dot-slash sequence (../) via the GET parameter file.

CVE-2020-10388: Home

The way the Referer header in article.php is handled in Chadha PHPKB Standard Multi-Language 9 allows attackers to execute Stored (Blind) XSS (injecting arbitrary web script or HTML) in admin/report-referrers.php (vulnerable file admin/include/functions-articles.php).

CVE-2020-10390: Home

OS Command Injection in export.php (vulnerable function called from include/functions-article.php) in Chadha PHPKB Standard Multi-Language 9 allows remote attackers to achieve Code Execution by saving the code to be executed as the wkhtmltopdf path via admin/save-settings.php.

CVE-2020-10401: Home

The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/edit-article.php by adding a question mark (?) followed by the payload.