This module exploits a remote PHP code injection vulnerability in Elastix PBX by uploading a renamed PHP file and leveraging a local file inclusion vulnerability to execute the PHP file. It also exploits a bad configuration in the /etc/sudoers file to elevate privileges from the 'asterisk' user to 'root'.
The SSH USERAUTH CHANGE REQUEST feature in SSH Tectia Server on UNIX and Linux, when old-style password authentication is enabled, allows remote attackers to bypass authentication via a crafted session involving entry of blank passwords.
The default Java security properties configuration does not restrict access to certain objects in the com.sun.jmx.mbeanserver packages. This flaw allows an unprivileged Java applet to escape the sandbox and execute arbitrary code on the target machine with the privileges of the current user.
This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.
An unrestricted file upload vulnerability exists in includes/inline_image_upload.php within AutoSec Tools V-CMS 1.0. This allows remote attackers to execute arbitrary code by uploading a file with an executable extension and then accessing it via a direct request to the file in temp.
Input passed via the "from" and "to" POST parameters to converter.php is not properly sanitised before being stored in includes/currencies.php. This can be exploited to inject and execute arbitrary PHP code.
This module abuses a metacharacter injection vulnerability in the diff.php script. This flaw allows an unauthenticated attacker to execute arbitrary commands as the www-data user account.
The default Java security properties configuration did not restrict access to certain com.sun.org.glassfish packages. This flaw allows an unprivileged Java applet to escape the sandbox and execute arbitrary code on the target machine with the privileges of the current user.
WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.
This module exploits a command injection vulnerability in WebCalendar prior to 1.2.4 in order to install an agent.
This module exploits a heap overflow vulnerability in Samba Server by sending a crafted request packet via DCERPC call.
This update adds support for Debian 5 (32-bit and 64-bit).
Invision Power Board is vulnerable to remote code execution due to the use of the unserialize method on user input passed through cookies without proper sanitization.