Posts Tagged ‘remote’

Xplico Remote Code Execution

This Metasploit module exploits a command injection vulnerability in Xplico. Unauthenticated users can register a new account and then execute a terminal command under the context of the root user. Source: Xplico Remote Code Execution


HP Mercury LoadRunner Agent magentproc.exe Remote Command Execution

This Metasploit module exploits a remote command execution vulnerability in HP LoadRunner before 9.50 and also HP Performance Center before 9.50. HP LoadRunner 12.53 and other versions are also most likely vulnerable if the (non-default) SSL option is turned off. By sending a specially crafted packet, an attacker can execute commands remotely. The service is […]


pfSense 2.1.3-RELEASE (amd64) Remote Command Execution

pfSense, a free BSD based open source firewall distribution, versions 2.2.6 and below contain a remote command execution vulnerability post authentication in the _rrd_graph_img.php page. The vulnerability occurs via the graph GET parameter. A non-administrative authenticated attacker can inject arbitrary operating system commands and execute them as the root user. Verified against 2.1.3. Source: pfSense […]