A vulnerability exists in the TinyMCE editor, included in the tiny browser plugin, which allows uploading files without authentication. This can be exploited to upload files with multiple extensions and execute arbitrary PHP code.
e107 CMS is vulnerable to a command injection in its installation script due to a lack of sanitization on the MySQL server parameter.
The BlogAPI module does not validate the extension of files that it is used to upload, enabling users with the "administer content with blog api" permission to upload harmful files. This module uploads an Core Impact agent, creates a php file to execute the agent and then makes a request to the file. The result is an Core Impact agent running on the webserver.
include/imageObjectIM.class.php in Coppermine Photo Gallery (CPG) before 1.4.15, when the ImageMagick picture processing method is configured, allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) quality, (2) angle, or (3) clipval parameter to picEditor.php.
This vulnerability abuses a metacharacter injection vulnerability in the diff.php script. This flaw allows an unauthenticated attacker to execute arbitrary commands as the www-data user account.
The web interface for AWStats 6.4 and 6.5, when statistics updates are enabled, allows remote attackers to execute arbitrary code via shell metacharacters in the migrate parameter.
This module exploits a vulnerability in Java Bridge component of Zend Server.
This module exploits a remote stack-based buffer overflow in Yokogawa CS3000 by sending a malformed packet to the 20010/UDP port.
This module exploits a stack based buffer overflow in Yokogawa CENTUM CS 3000 by using its BKHOdeq.exe service. The BKHOdeq.exe service, started when running the FCS / Test Function listens by default on TCP/20109, TCP/20171 and UDP/1240. By sending a specially crafted packet to the port TCP/20171 its possible to trigger a stack based buffer overflow which allows execution of arbitrary code with the privileges of the CENTUM user.
This module exploits a remote stack-based buffer overflow in Yokogawa CS3000 by sending a malformed packet to the 52302/UDP port.