649 matches found
CVE-2017-3912
A password security bypass vulnerability in McAfee Application and Change Control (MACC) 7.0.1 and 6.2.0 allows authenticated users to perform arbitrary command execution via a command-line utility...
WordPress Ninja Forms CSV Injection Vulnerability
WordPress is a blogging platform from the WordPress Software Foundation, developed in PHP; it lets users set up a personal blog site on a server that supports PHP and MySQL. Ninja Forms is one of its form-creation plugins. A CSV injection vulnerability exists in WordPress Ninja Forms. An...
Command Execution Vulnerability in FUJI XEROX DocuPrint C1110
The DocuPrint C1110 is a laser printer. A command execution vulnerability exists in the FUJI XEROX DocuPrint C1110. An attacker can exploit the vulnerability to execute commands, upload files, delete printer system files, cause a denial of service (DoS) on the printer, and more...
Command Execution Vulnerability in Dell Color Laser 1320c
The Dell Color Laser 1320c is a printer. A command execution vulnerability exists in the Dell Color Laser 1320c. An attacker could exploit the vulnerability to execute commands...
Command Execution Vulnerability in Controller Technology's Little K Smart App
Controller's smart home products use cutting-edge wireless technology to network home electrical equipment and so realize a variety of whole-house intelligent scenes. Controller offers a variety of smart sockets, designed in a compact form with a variety of functions, with a linkage...
Command Execution Vulnerability in HP LaserJet 5200 Series Printers
The HP LaserJet 5200 series is a printer from HP China. A command execution vulnerability exists in the HP LaserJet 5200 series printers, which can be exploited by an attacker to execute commands through port 9100...
Command Execution Vulnerability in ZZZCMS Website Builder System
zzcms is a free, open-source website-building system written in ASP, aimed mainly at webmasters. A command execution vulnerability exists in the ZZZCMS website builder system; attackers can use the vulnerability to execute remote commands...
A vulnerability in the Cluster Manager component of the Cisco Policy Suite’s software management platform allows a malicious actor to gain access to the system and execute arbitrary commands with root privileges.
A vulnerability in the Cluster Manager component of the Cisco Policy Suite management software is related to the use of pre-installed user credentials. Exploiting this vulnerability could allow an attacker to gain access to the system and execute arbitrary commands with root privileges...
Red Hat CloudForms Management Engine Logic Flaw Vulnerability
The Red Hat CloudForms Management Engine (CFME) is a management engine for Infrastructure as a Service (IaaS) cloud solutions from Red Hat, Inc. A security vulnerability exists in dRuby in Red Hat CFME that stems from a failure to properly configure security settings. An attacker could explo...
GHSA-M85C-9MF8-M2M6 Unsafe deserialization in confire
An exploitable vulnerability exists in the YAML parsing functionality in config.py in Confire 0.2.0. Due to the user-specific configuration being loaded from "/.confire.yaml" using the yaml.load function, a YAML parser can execute arbitrary Python commands resulting in command execution. An...
Hadoop YARN ResourceManager Command Execution Vulnerability
Apache Hadoop is an open source distributed system infrastructure. In YARN, the ResourceManager is responsible for the unified management and allocation of all resources in the cluster; it receives resource reporting information from each node's NodeManager and assigns this information to each...
CVE-2018-2437
The SAP Internet Graphics Service (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, allows an attacker to externally trigger IGS command executions which can lead to: disclosure of information and malicious file insertion or modification...
CVE-2018-9023
An input validation vulnerability in CA Privileged Access Manager 2.x allows unprivileged users to execute arbitrary commands by passing specially crafted arguments to the updatecrld script...
CloudBees Jenkins Absint Astree Plugin Command Execution Vulnerability
CloudBees Jenkins is a set of Java-based continuous integration tools from the United States company CloudBees, used mainly to monitor continuous software release and testing projects and some scheduled tasks. Absint Astree Plugin is used in one ...
Cisco Network Services Orchestrator CLI Parser Input Validation Vulnerability
Cisco Network Services Orchestrator (NSO) is a set of network automation service solutions from Cisco (USA). The CLI parser is one of its components, a command-line parser. An input validation vulnerability exists in the CLI parser in Cisco NSO that stems from the program failing to adequately perform input...
CVE-2013-10060
creationtimestamp | type | source
---|---|---
2018-05-29 15:50:33+00:00 | seen | https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/netgeardgn2200bpppoeexec.rb
2025-10-23 21:12:57+00:00 | seen | MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7...
Command Execution Vulnerability in Multiple TP-Link Enterprise Routers
The Tplink ER5110G, Tplink ER5120G and Tplink WAR1300L are all enterprise VPN routers and enterprise wireless VPN routers from P&L Technologies. A command execution vulnerability exists in several TP-Link enterprise routers. An attacker can exploit the vulnerability to elevate from administrator...
Joomla! Acyba AcyMailing Extension CSV Injection Vulnerability
Joomla! is an open source content management system (CMS) developed by the U.S. Open Source Matters team; it provides RSS feeds, site search and other features. The Acyba AcyMailing extension is one of its e-mail plug-ins. A CSV injection vulnerability exists in the Acyba AcyMailin...
XML entity injection vulnerability in CLTPHP version 5.5.3
CLTPHP is a content management system developed in ThinkPHP with the Layui framework in the backend. CLTPHP version 5.5.3 has an XML entity injection vulnerability in the program implementation, which can be exploited by attackers to read arbitrary files, execute system commands, probe intranet...
A vulnerability in the Veritas Access data storage system and in the backup and data recovery software Veritas NetBackup and Veritas NetBackup Appliance stems from insufficient restrictions on the execution of authorized user commands. This allows attackers to execute arbitrary privileged commands.
A vulnerability in the Veritas Access data storage system and in the NetBackup and NetBackup Appliance backup and recovery software lies in insufficient restrictions on the execution of authorized user commands. Exploiting this vulnerability allows an attacker to execute arbitrary privileged...