Roundcube Webmail Vulnerable to Authenticated RCE via PHP Object Deserialization
Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows remote code execution by authenticated users because the from parameter in a URL is not validated in program/actions/settings/upload.php, leading to PHP Object Deserialization...
CVE-2024-22903
Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the deleteUpdateAPK function...
CVE-2023-1168
An authenticated remote code execution vulnerability exists in the AOS-CX Network Analytics Engine. Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system, leading to a complete compromise of the switc...
CVE-2023-51066
An authenticated remote code execution vulnerability in QStar Archive Solutions Release RELEASE3-0 Build 7 Patch 0 allows attackers to arbitrarily execute commands...
CVE-2023-40265
An issue was discovered in Atos Unify OpenScape Xpressions WebAssistant V7 before V7R1 FR5 HF42 P911. It allows authenticated remote code execution via file upload...
CVE-2023-33722
EDIMAX BR-6288ACL v1.12 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the pppUserName parameter...
CVE-2023-27604
Apache Airflow Sqoop Provider, versions before 4.0.0, is affected by a vulnerability that allows an attacker to pass parameters with the connections, which makes it possible to implement RCE attacks via ‘sqoop import --connect’, obtain airflow server permissions, etc. The attacker needs to be logged...
CVE-2021-40387
An issue was discovered in the server software in Kaseya Unitrends Backup Software before 10.5.5-2. There is authenticated remote code execution...
Exploit for Unrestricted Upload of File with Dangerous Type in Mozilo Mozilocms
MoziloCMS = 3.0.1 Authenticated RCE Description This scr...
WBCE CMS 1.6.3 Remote Code Execution
WBCE CMS version 1.6.3 suffers from an authenticated remote code execution vulnerability...
CVE-2025-2749 Kentico Xperience <= 13.0.178 Staging Media File Upload Authenticated RCE
An authenticated remote code execution in Kentico Xperience allows authenticated users of the Staging Sync Server to upload arbitrary data to path relative locations. This results in path traversal and arbitrary file upload, including content that can be executed server side leading to remote code...
CVE-2024-42362
Hertzbeat is an open source, real-time monitoring system. Hertzbeat has an authenticated user role RCE via unsafe deserialization in /api/monitors/import. This vulnerability is fixed in 1.6.0...
LibreNMS Authenticated Remote Code Execution
An authenticated attacker can create dangerous directory names on the system and alter sensitive configuration parameters through the web portal. Those two defects combined then allow injecting arbitrary OS commands inside shell_exec calls, thus achieving arbitrary code execution. This module...
CVE-2025-23051
CVE-2025-23051 affects ArubaOS (AOS-8 through AOS-10) — a web-based management interface vulnerability allows an authenticated user to perform parameter injection to overwrite arbitrary system files. Root cause: parameter injection in the authenticated context. Impact: potential compromise of sys...
CVE-2024-9154
CVE-2024-9154 is a code-injection vulnerability in HMS Networks Ewon Flexy 205 that allows executing commands at the system level on the device. Affected product: Ewon Flexy 205 (firmware up to 14.8s0). The issue is described as enabling authenticated remote code execution with impact to confiden...
CVE-2024-9154 Authenticated Remote Code Execution
A code injection vulnerability in HMS Networks Ewon Flexy 205 allows executing commands on system level on the device. This issue affects Ewon Flexy 205: through 14.8s0 2633...
CVE-2024-47558 Authenticated RCE via Path Traversal
Authenticated RCE via Path Traversal...
Metasploit Weekly Wrap-Up 10/04/2024
New module content (3): cups-browsed Information Disclosure. Authors: bcoles and evilsocket. Type: Auxiliary. Pull request: 19510 contributed by bcoles. Path: scanner/misc/cups_browsed_info_disclosure. Description: Adds scanner module to retrieve CUPS version and kernel version information from cups-browsed...
ManageEngine OpManager RCE (CVE-2024-5466)
Zohocorp ManageEngine OpManager and Remote Monitoring and Management versions 128329 and below are vulnerable to authenticated remote code execution in the deploy agent option. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported versio...
CVE-2024-5466
Zohocorp ManageEngine OpManager and Remote Monitoring and Management versions 128329 and below are vulnerable to authenticated remote code execution in the deploy agent option...