Lucene search
K

6 matches found

UbuntuCve
UbuntuCve
added 2026/05/26 6:16 p.m.12 views

CVE-2026-48695

FastNetMon Community Edition through 1.2.9 contains an OS command injection vulnerability in the MikroTik router integration plugin. The log function in src/mikrotikplugin/fastnetmonmikrotik.php lines 107-108 constructs shell commands by concatenating the $msg parameter directly into exec calls:...

8.1CVSS5.9AI score0.0107EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2026/05/26 4:16 p.m.12 views

CVE-2026-48687

FastNetMon Community Edition through 1.2.9 contains an OS command injection vulnerability in the Juniper router integration plugin. The log function in src/juniperplugin/fastnetmonjuniper.php lines 117-118 constructs shell commands by concatenating the $msg parameter directly into exec calls:...

9.8CVSS5.9AI score0.01645EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.14 views

PT-2026-43274

Name of the Vulnerable Software and Affected Versions FastNetMon Community Edition versions prior to 1.3.0 Description An OS command injection issue exists in the Juniper router integration plugin. The log function in src/juniper plugin/fastnetmon juniper.php constructs shell commands by...

9.8CVSS5.5AI score0.01645EPSS
Exploits1References17
BDU FSTEC
BDU FSTEC
added 2021/11/10 12:0 a.m.3 views

The vulnerability of the `file_get_contents()` and `file_put_contents()` methods in the Ignition PHP framework’s Laravel library allows a attacker to execute arbitrary code.

The vulnerability of the filegetcontents and fileputContents methods in the Ignition PHP framework’s Laravel library is related to improper code generation. Exploiting this vulnerability may allow an attacker to execute arbitrary code...

10CVSS8AI score0.99943EPSS
Exploits36References7Affected Software2
wpexploit
wpexploit
added 2021/10/11 12:0 a.m.767 views

Similar Posts < 3.1.6 - Admin+ Arbitrary PHP Code Execution

The plugin allow high privilege users to execute arbitrary PHP code in an hardened environment ie with DISALLOWFILEEDIT, DISALLOWFILEMODS and DISALLOWUNFILTEREDHTML set to true via the 'widgetrrmsimilarpostscondition' widget setting of the plugin. Vendor was notified in July 2021, the issue was...

7.2CVSS1.3AI score0.01514EPSS
Exploits2
wpexploit
wpexploit
added 2021/09/13 12:0 a.m.812 views

EditorsKit < 1.31.6 - Contributor+ Arbitrary PHP Code Execution

The plugin does not sanitise and validate the Conditional Logic of the Custom Visibility settings, allowing users with a role as low contributor to execute Arbitrary PHP code As a contributor, create/edit a post and put the below code while in Code Editor mode: \naa\n Save or Preview the page,...

8.8CVSS1.1AI score0.01753EPSS
Exploits2
Rows per page
Query Builder