Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2015-2845

EPSS 87.46% · P99
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2015-2845

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The cpanel function in go_site.php in GoAutoDial GoAdmin CE before 3.3-1421902800 allows remote attackers to execute arbitrary commands via the $type portion of the PATH_INFO.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
GoAutoDial GoAdmin CE 操作系统命令注入漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
GoAutoDial是菲律宾GoAutoDial公司的一套开源的基于Web运行于CentOS系统中的呼叫中心软件。GoAdmin CE是其中的一套管理员应用程序。 GoAutoDial GoAdmin CE 3.3-1420434000之前版本的go_site.php脚本中的‘cpanel’函数存在安全漏洞。远程攻击者可借助PATH_INFO值中的$type变量利用该漏洞执行任意命令。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Shenlong Deep Dive — AI Deep Analysis

10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.

Read summary Full analysis (login)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2015-2845

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2015-2845

登录查看更多情报信息。

Same Patch Batch · n/a · 2015-05-12 · 28 CVEs total

CVE-2015-2219Lenovo System Update 权限许可和访问控制漏洞
CVE-2015-3646OpenStack Keystone 信息泄露漏洞
CVE-2015-3622GNU Libtasn1‘_asn1_extract_der_octet()’拒绝服务漏洞
CVE-2015-3620Fortinet FortiManager和FortiAnalyzer 跨站脚本漏洞
CVE-2015-3451XML::LibXML 信息泄露漏洞
CVE-2015-2844GoAutoDial GoAdmin CE 操作系统命令注入漏洞
CVE-2015-2843GoAutoDial GoAdmin CE SQL注入漏洞
CVE-2015-2842GoAutoDial GoAdmin CE 任意文件上传漏洞
CVE-2015-2829Citrix Systems NetScaler Application Delivery Controller和NetScaler Gateway 拒绝服务漏洞
CVE-2015-2668ClamAV 资源管理错误漏洞
CVE-2015-2234Lenovo System Update 竞争条件漏洞
CVE-2015-2233Lenovo System Update 加密问题漏洞
CVE-2015-2222ClamAV 资源管理错误漏洞
CVE-2015-2221ClamAV 资源管理错误漏洞
CVE-2015-3978SAP Sybase Unwired Platform Online Data Proxy 安全漏洞
CVE-2015-2170ClamAV upx解码器资源管理错误漏洞
CVE-2015-1880Fortinet FortiOS sslvpn登录页面跨站脚本漏洞
CVE-2015-1860Digia Qt QtBase模块缓冲区错误漏洞
CVE-2015-1859Digia QtQtBase模块缓冲区错误漏洞
CVE-2015-1858Digia Qt QtBase模块缓冲区错误漏洞

Showing top 20 of 28 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2015-2845

No comments yet

Leave a comment