4 matches found
EUVD-2026-41405
Dockwatch through 0.6.567 contains an unauthenticated OS command injection vulnerability that allows remote attackers to execute arbitrary shell commands by exploiting a missing exit after an authentication redirect in loader.php combined with unsanitized input passed to shellexec in...
CVE-2026-58455
Dockwatch through 0.6.567 contains an unauthenticated OS command injection vulnerability that allows remote attackers to execute arbitrary shell commands by exploiting a missing exit after an authentication redirect in loader.php combined with unsanitized input passed to shellexec in...
CVE-2026-58455
Dockwatch 0.6.567 is affected by an unauthenticated OS command injection. The flaw arises from a missing exit() after an authentication redirect in loader.php and unsanitized input passed to shell_exec() in ajax/compose.php, allowing an attacker to seed a session flag via an incomplete auth check...
Dockwatch Remote Command Execution Exploit
Dockwatch is a container management web UI for docker. It runs by default without authentication, although guidance is available for how to setup credentials for access. It has a Commands feature that allows a user to run docker commands such as inspect, network, ps. Prior to fix, it did not...