Lucene search
+L

30 matches found

nvd
nvd
added 2026/07/01 5:16 p.m.9 views

CVE-2026-34112

Guardian language-system passes the id GET parameter directly into a PHP exec call in speechmac.php line 18 without sanitization: exec"php jobs/speechaudiomac.php ".$loginsession." ".$GET'id'." ...". No authentication is required. An unauthenticated remote attacker can append shell...

9.8CVSS0.00537EPSS
Exploits0References2
nvd
nvd
added 2026/07/01 5:16 p.m.7 views

CVE-2026-34115

Guardian language-system passes the id GET parameter directly into a PHP exec call in transcribeamazon.php line 15 without sanitization: exec"php jobs/transcribeamazon.php ".$loginsession." ".$GET'id'." ...". No authentication is required. An unauthenticated remote attacker can append shell...

9.8CVSS0.00537EPSS
Exploits0References2
nvd
nvd
added 2026/07/01 5:16 p.m.9 views

CVE-2026-34108

Guardian language-system passes the id GET parameter directly into a PHP exec call in text.php line 15 without sanitization: exec"php jobs/text.php ".$loginsession." ".$GET'id'." ...". No authentication is required. An unauthenticated remote attacker can append shell metacharacters to execute...

9.8CVSS0.00549EPSS
Exploits0References2
cve
cve
added 2026/07/01 4:24 p.m.18 views

CVE-2026-34117

Guardian Language-System is affected by CVE-2026-34117 due to a vulnerability in text_to_subtitles.php where the id GET parameter is passed directly into PHP exec() without sanitization. This allows an unauthenticated, remote attacker to append shell metacharacters and execute arbitrary OS comman...

9.8CVSS6.1AI score0.00537EPSS
Exploits0References2
euvd
euvd
added 2026/07/01 4:23 p.m.8 views

EUVD-2026-41075

Guardian language-system passes the id GET parameter directly into a PHP exec call in transcribe.php line 15 without sanitization: exec"php jobs/transcribe.php ".$loginsession." ".$GET'id'." ...". No authentication is required. An unauthenticated remote attacker can append shell...

9.8CVSS6.1AI score0.00549EPSS
Exploits0References2
euvd
euvd
added 2026/07/01 4:22 p.m.10 views

EUVD-2026-41074

Guardian language-system passes the id GET parameter directly into a PHP exec call in transcribeamazon.php line 15 without sanitization: exec"php jobs/transcribeamazon.php ".$loginsession." ".$GET'id'." ...". No authentication is required. An unauthenticated remote attacker can append shell...

9.8CVSS6.1AI score0.00537EPSS
Exploits0References2
cvelist
cvelist
added 2026/07/01 4:20 p.m.37 views

CVE-2026-34112 Guardian Language-System Unauthenticated OS Command Injection via id Parameter in speechmac.php

Guardian language-system passes the id GET parameter directly into a PHP exec call in speechmac.php line 18 without sanitization: exec"php jobs/speechaudiomac.php ".$loginsession." ".$GET'id'." ...". No authentication is required. An unauthenticated remote attacker can append shell...

9.8CVSS0.00537EPSS
Exploits0References2
cve
cve
added 2026/07/01 4:20 p.m.19 views

CVE-2026-34111

CVE-2026-34111 : Guardian Language-System vulnerability where speechmac_text.php passes $_GET['id'] directly into an exec() call, enabling unauthenticated remote command execution via shell metacharacters. Affects the Guardian Language-System component (speech_text path) and is scored CRITICAL (C...

9.8CVSS6.1AI score0.00549EPSS
Exploits0References2
euvd
euvd
added 2026/07/01 4:17 p.m.9 views

EUVD-2026-41066

Guardian language-system passes the id GET parameter directly into a PHP exec call in text.php line 15 without sanitization: exec"php jobs/text.php ".$loginsession." ".$GET'id'." ...". No authentication is required. An unauthenticated remote attacker can append shell metacharacters to execute...

9.8CVSS6.1AI score0.00549EPSS
Exploits0References2
euvd
euvd
added 2026/07/01 4:16 p.m.8 views

EUVD-2026-41063

Guardian language-system passes the id GET parameter directly into a PHP exec call in subtitles.php line 19 without sanitization: exec"php jobs/subtitlerendering.php ".$loginsession." ".$GET'id'." ...". No authentication is required. An unauthenticated remote attacker can append shell...

9.8CVSS6.1AI score0.0068EPSS
Exploits0References2
euvd
euvd
added 2025/10/07 12:30 a.m.10 views

EUVD-2020-14766

Malware in sbrugna...

8.5CVSS7.8AI score0.01059EPSS
Exploits2References3
cnnvd
cnnvd
added 2023/09/25 12:0 a.m.7 views

WordPress plugin Import XML and RSS Feeds Code Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code injection vulnerability exists in th...

7.2CVSS8.3AI score0.01698EPSS
Exploits2References2
wpvulndb
wpvulndb
added 2022/12/23 12:0 a.m.34 views

User Post Gallery <= 2.19 - Unauthenticated RCE

The plugin does not limit what callback functions can be called by users, making it possible to any visitors to run code on sites running it. PoC Invoke the following curl command to execute the "id" command via PHP's exec function: curl -i...

9.8CVSS4.9AI score0.42723EPSS
Exploits2Affected Software1
wpexploit
wpexploit
added 2022/12/23 12:0 a.m.347 views

User Post Gallery <= 2.19 - Unauthenticated RCE

The plugin does not limit what callback functions can be called by users, making it possible to any visitors to run code on sites running it. Invoke the following curl command to execute the "id" command via PHP's exec function: curl -i...

9.8CVSS1.7AI score0.42723EPSS
Exploits2
packetstorm
packetstorm
added 2021/05/10 12:0 a.m.189 views

Microweber CMS 1.1.20 Remote Code Execution

Exploit Title: Microweber CMS 1.1.20 - Remote Code Execution Authenticated Date: 2020-10-31 Exploit Author: sl1nki Vendor Homepage: https://microweber.org/ Software Link: https://github.com/microweber/microweber/tree/1.1.20 Version: " . shellexec$REQUEST"fexec" . ""; ?' Notes: SSL verification is...

6.5CVSS0.1AI score0.16611EPSS
Exploits4
nvd
nvd
added 2021/04/27 6:15 p.m.15 views

CVE-2020-22000

HomeAutomation 3.3.2 suffers from an authenticated OS command execution vulnerability using custom command v0.1 plugin. This can be exploited with a CSRF vulnerability to execute arbitrary shell commands as the web user via the 'setcommandon' and 'setcommandoff' POST parameters in...

8.5CVSS0.01059EPSS
Exploits2References2
prion
prion
added 2021/04/27 6:15 p.m.11 views

Design/Logic Flaw

HomeAutomation 3.3.2 suffers from an authenticated OS command execution vulnerability using custom command v0.1 plugin. This can be exploited with a CSRF vulnerability to execute arbitrary shell commands as the web user via the 'setcommandon' and 'setcommandoff' POST parameters in...

8.5CVSS8.2AI score0.01059EPSS
Exploits2References2Affected Software1
cve
cve
added 2021/04/27 5:51 p.m.54 views

CVE-2020-22000

CVE-2020-22000 affects HomeAutomation 3.3.2. An authenticated OS command execution vulnerability exists in the customcommand v0.1 plugin, exploitable via CSRF to run arbitrary shell commands as the web user through unsanitized PHP exec() calls in /system/systemplugins/customcommand/customcommand....

8.5CVSS8.2AI score0.01059EPSS
Exploits2References2Affected Software1
cvelist
cvelist
added 2021/04/27 5:51 p.m.21 views

CVE-2020-22000

HomeAutomation 3.3.2 suffers from an authenticated OS command execution vulnerability using custom command v0.1 plugin. This can be exploited with a CSRF vulnerability to execute arbitrary shell commands as the web user via the 'setcommandon' and 'setcommandoff' POST parameters in...

8.3AI score0.01059EPSS
Exploits2References2
prion
prion
added 2020/07/01 5:15 p.m.16 views

Code injection

php/exec/escapeshellarg in Locutus PHP through 2.0.11 allows an attacker to achieve code execution...

7.5CVSS9.6AI score0.02931EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder