This Metasploit module exploits a vulnerability in the MAKETEXT Foswiki variable. By using a specially crafted MAKETEXT, a malicious user can execute shell commands since the input is passed to the Perl "eval" command without first being sanitized. The problem is caused by an underlying security issue in the CPAN:Locale::Maketext module. Only Foswiki sites that have user interface localization enabled (UserInterfaceInternationalisation variable set) are vulnerable. If USERNAME and PASSWORD aren't provided, anonymous access will be tried. Also, if the FoswikiPage option isn't provided, the module will try to create a random page on the SandBox space. The modules has been tested successfully on Foswiki 1.1.5 as distributed with the official Foswiki-1.1.5-vmware image.
1dfa323fc74f3423aec71ecc1cde0b04c26eea7a42d6702fc3d9df74654857c2
This Metasploit module exploits a vulnerability in the MAKETEXT Twiki variable. By using a specially crafted MAKETEXT, a malicious user can execute shell commands since user input is passed to the Perl "eval" command without first being sanitized. The problem is caused by an underlying security issue in the CPAN:Locale::Maketext module. This works in TWiki sites that have user interface localization enabled (UserInterfaceInternationalisation variable set). If USERNAME and PASSWORD aren't provided, anonymous access will be tried. Also, if the 'TwikiPage' option isn't provided, the module will try to create a random page on the SandBox space. The modules has been tested successfully on TWiki 5.1.2 as distributed with the official TWiki-VM-5.1.2-1 virtual machine.
6a462fdc51b0c493b941a326fd05e71eb12bf8bedb39c652d6c549a65bf5b2d5
C-Panel suffers from a reflective cross site scripting vulnerability in manage.html.
d82a4bc494fbe2f073497ffcfd9405e156889169ee06e1d1c9ea615a5598b3c9
Secunia Security Advisory - Some vulnerabilities have been reported in Tiki Wiki CMS/Groupware, which can be exploited by malicious people to compromise a vulnerable system.
b2c79e5cf5a9d838369f47aaeaa7b2ad77a68986fbe03aceee804e04496310ba
Secunia Security Advisory - A vulnerability has been reported in Novell iPrint Client, which can be exploited by malicious people to compromise a user's system.
9616311d91cbd52947ff5dfa42ee0970d8dbaedee6f97243a31819a863cacd97
Secunia Security Advisory - A vulnerability has been reported in IBM Tivoli NetView for z/OS, which can be exploited by malicious, local users to gain escalated privileges.
59118a91ac9a5847a848c0ccceea95aafc19ee87af73a49bbb5dcbbdc6ab16cb
Secunia Security Advisory - Some vulnerabilities have been reported in Novell eDirectory, which can be exploited by malicious users to cause a DoS (Denial of Service) and by malicious people to conduct cross-site scripting attacks and compromise a vulnerable system.
8d9bb0be2cfd4dd1b9bf45263f2ce02b3f71c0f2923ac5665d98554d51cff838
Secunia Security Advisory - IBM has acknowledged multiple vulnerabilities in IBM Rational System Architect, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and potentially compromise a vulnerable system.
7df09a8bea53555300130ab721be537db6169e06b3de8937740c6719dc574850
Secunia Security Advisory - High-Tech Bridge has discovered a vulnerability in FireFly Media Server, which can be exploited by malicious people to cause a DoS (Denial of Service).
a2b6f1d03eb5d6a9dee6d2135df4c253c1be2997d71f43f3b5ac20eb3ec5eaf9
Secunia Security Advisory - IBM has acknowledged multiple vulnerabilities in IBM Rational Method Composer, which can be exploited by malicious, local users to disclose potentially sensitive information, manipulate certain data, and cause a DoS (Denial of Service) and by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS, and compromise a vulnerable system.
f0a23127e6397ec081378cb939d565362e7df8e5de65fcfc384c3fa908d3f519