Latest Security News about remote code execution rce

Unrestricted file upload vulnerability in keywordsImport.php in TestLink 1.9.20 allows remote attackers to execute arbitrary code by uploading a file with an executable extension.

Overview : An unrestricted file upload vulnerability in keywordsImport.php in TestLink 1.9.20 allows remote attackers to execute arbitrary code by uploading a file with an executable extension. This allows an authenticated attacker to upload a malicious file (containing PHP code to execute operating system commands) to a publicly accessible directory of the application. CVE-2020-8639 [...]

cPanel before 84.0.20 allows a demo account to achieve remote code execution

Overview : cPanel before 84.0.20 allows a demo account to achieve remote code execution via a cpsrvd rsync shell (SEC-544). Vulnerability Details : CVE ID : CVE-2020-10119 84.0.22 2020-03-16 [security] Fixed case SEC-505: Bandwidth suspensions can be triggered [...]

Vtiger CRM <= 6.3 Authenticated Remote Code Execution

Overview : Vtiger CRM version 6.3 (“Open Source” branch; released on 2015-06-04) and lower are vulnerable to Authenticated Remote Code Execution. Affected Product(s) : vTiger CRM 6.3.0 Vulnerability Details : CVE ID : CVE-2015-600 Unrestricted file upload vulnerability in the Settings_Vtiger_CompanyDetailsSave_Action class in modules/Settings/Vtiger/actions/CompanyDetailsSave.php in Vtiger CRM 6.3.0 and earlier allows remote authenticated users to […]

Trend Micro Anti-Threat Toolkit (ATTK) RCE Vulnerability

Overview : Vulnerable versions of ATTK may allow an attacker to place malicious files in the same directory, potentially leading to arbitrary remote code execution (RCE) when executed. Affected Product(s) : Anti-Threat Toolkit (ATTK) 1.62.0.1218 and below Vulnerability Details : CVE ID : CVE-2019-9491 CVSS 3.0 Score(s): 7.5 – AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H Solution : Exploiting these type of […]