_s_/sprm/_s_/dyn/Player_setScriptFile in Sahi Pro 8.0.0 allows command execution. It allows one to run ".sah" scripts via Sahi Launcher. Also, one can create a new script with an editor. It is possible to execute commands on the server using the _execute() function.
View Full Alert
Related Posts
CVE-2019-9673 (freenet)Freenet 1483 has a MIME type bypass that allows arbitrary JavaScript execution via a crafted Freenet URI.
CVE-2019-12323 (hc10)The HC.Server service in Hosting Controller HC10 10.14 allows an Invalid Pointer Write DoS. View Full Alert
CVE-2019-12887 (linotp)KeyIdentity LinOTP before 2.10.5.3 has Incorrect Access Control (issue 1 of 2). View Full Alert
