2 results (0.008 seconds)

CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 2

17 Dec 2024 — A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user. BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) contain a command injection vulnerability, which can allow an unauthenticated attacker to inject commands that are run as a site user. • https://packetstorm.news/files/id/189316 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVSS: 9.8EPSS: 12%CPEs: 1EXPL: 2

25 May 2015 — Bomgar Remote Support before 15.1.1 allows remote attackers to execute arbitrary PHP code via crafted serialized data to unspecified PHP scripts. Bomgar Remote Support anterior a 15.1.1 permite a atacantes remotos ejecutar código PHP arbitrario a través de datos serializados manipulados en secuencias de comandos PHP no especificadas. • https://packetstorm.news/files/id/137508 • CWE-94: Improper Control of Generation of Code ('Code Injection') •