Description
Eval injection vulnerability in Karrigell before 2.1.8 allows remote attackers to execute arbitrary Python code via modified arguments to a Karrigell services (.ks) script, which can reference functions from libraries that are used by that script.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Radovan GarabÃk · textwebappscgi
https://www.exploit-db.com/exploits/26066
References (6)
Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/21668
Patch mailing-list
x_refsource_mlist
http://sourceforge.net/mailarchive/message.php?msg_id=12539317
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/16319
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/14463
Product mailing-list
x_refsource_mlist
http://sourceforge.net/mailarchive/forum.php?thread_id=7863293&forum_id=32318
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/18506
Scores
EPSS
0.0706
EPSS Percentile
91.6%
Details
Status
published
Products (13)
karrigell/karrigell
2.0
karrigell/karrigell
2.0.1
karrigell/karrigell
2.0.2
karrigell/karrigell
2.0.3
karrigell/karrigell
2.0.4
karrigell/karrigell
2.0.5
karrigell/karrigell
2.0_beta
karrigell/karrigell
2.1
karrigell/karrigell
2.1.1
karrigell/karrigell
2.1.2
... and 3 more
Published
Aug 07, 2005
Tracked Since
Feb 18, 2026