Apache S2-032 Struts - Remote Code Execution

Apache Struts 2.3.19 to 2.3.20.2, 2.3.21 to 2.3.24.1, and 2.3.25 to 2.3.28, when dynamic method invocation is enabled, allows remote attackers to execute arbitrary code via method: prefix related to chained expressions. id: CVE-2016-3081 info: name: Apache S2-032 Struts - Remote Code Execution...

Joomla! JCE extension < 2.9.99.5 unauthenticated RCE

Joomla JCE editor extension contains an unrestricted file upload vulnerability caused by allowing unauthenticated users to create new editor profiles, letting attackers upload and execute PHP code remotely, exploit requires no authentication. id: CVE-2026-48907 info: name: Joomla! JCE extension...

FoxCMS v.1.2.5 - Remote Code Execution

An issue in FoxCMS v.1.2.5 allows a remote attacker to execute arbitrary code via the case display page in the index.html component. id: CVE-2025-29306 info: name: FoxCMS v.1.2.5 - Remote Code Execution author: ritikchaddha severity: critical description: | An issue in FoxCMS v.1.2.5 allows a...

NestJS DevTools Integration - Remote Code Execution

Nest is a framework for building scalable Node.js server-side applications. In versions 0.2.0 and below, a critical Remote Code Execution RCE vulnerability was discovered in the @nestjs/devtools-integration package. When enabled, the package exposes a local development HTTP server with an API...

Issabel Authenticated - Remote Code Execution

A vulnerability was found in Issabel PBX 4.0.0. It has been rated as critical. This issue affects some unknown processing of the file /index.php?menu=asteriskcli of the component Asterisk-Cli. The manipulation of the argument Command leads to os command injection. The attack may be initiated...

Qualitor <= 8.24 - Remote Code Execution

Qualitor up to 8.24 is vulnerable to Remote Code Execution RCE via Arbitrary File Upload in checkAcesso.php. id: CVE-2024-44849 info: name: Qualitor = 8.24 - Remote Code Execution author: s4e-io severity: critical description: | Qualitor up to 8.24 is vulnerable to Remote Code Execution RCE via...

D-Link NAS - Command Injection via Group Parameter

A vulnerability was found in D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. It has been rated as critical. Affected by this issue is the function cgiuseradd of the file /cgi-bin/accountmgr.cgi?cmd=cgiuseradd. The manipulation of the argument group leads to os command injection. i...

BerqWP <= 1.7.6 - Arbitrary File Upload

The BerqWP Automated All-In-One PageSpeed Optimization Plugin for Core Web Vitals, Cache, CDN, Images, CSS, and JavaScript plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the /api/storewebp.php file in all versions up to, and including, 1.7.6...

vBulletin <= 5.6.9 - Pre-authentication Remote Code Execution

vBulletin before 5.6.9 PL1 allows an unauthenticated remote attacker to execute arbitrary code via a crafted HTTP request that triggers deserialization. This occurs because verifyserialized checks that a value is serialized by calling unserialize and then checking for errors. id: CVE-2023-25135...

PaperCut NG Unauthenticated XMLRPC Functionality

PaperCut NG allows for unauthenticated XMLRPC commands to be run by default. Versions 22.0.12 and below are confirmed to be affected, but later versions may also be affected due to lack of a vendor supplied patch. id: CVE-2023-4568 info: name: PaperCut NG Unauthenticated XMLRPC Functionality...

PaperCut < 22.1.3 - Path Traversal

PaperCut NG and PaperCut MF before 22.1.3 are vulnerable to path traversal which enables attackers to read, delete, and upload arbitrary files. id: CVE-2023-39143 info: name: PaperCut 22.1.3 - Path Traversal author: pdteam severity: critical description: PaperCut NG and PaperCut MF before 22.1.3...

Viessmann Vitogate 300 - Remote Code Execution

In Vitogate 300 2.1.3.0, /cgi-bin/vitogate.cgi allows an unauthenticated attacker to bypass authentication and execute arbitrary commands via shell metacharacters in the ipaddr params JSON data for the put method. id: CVE-2023-45852 info: name: Viessmann Vitogate 300 - Remote Code Execution autho...

IceWarp Mail Server Deep Castle 2 v.13.0.1.2 - Open Redirect

An issue in IceWarp Mail Server Deep Castle 2 v.13.0.1.2 allows a remote attacker to execute arbitrary code via a crafted request to the URL. id: CVE-2023-40779 info: name: IceWarp Mail Server Deep Castle 2 v.13.0.1.2 - Open Redirect author: r3Y3r53 severity: medium description: | An issue in...

Bitrix Component - Cross-Site Scripting

Global variable extraction in bitrix/modules/main/tools.php in Bitrix24 22.0.300 allows unauthenticated remote attackers to 1 enumerate attachments on the server and 2 execute arbitrary JavaScript code in the victim’s browser, and possibly execute arbitrary PHP code on the server if the victim ha...

Moodle - Cross-Site Scripting/Remote Code Execution

The vulnerability was found Moodle which exists because the application allows a user to control path of the older to create in TinyMCE loaders. A remote user can send a specially crafted HTTP request and create arbitrary folders on the system. Moodle versions 4.1.x before 4.1.3 and 4.2.x before...

Rudder Server < 1.3.0-rc.1 - SQL Injection

Rudder-server is part of RudderStack, an open source Customer Data Platform CDP. Versions of rudder-server prior to 1.3.0-rc.1 are vulnerable to SQL injection. This issue may lead to Remote Code Execution RCE due to the rudder role in PostgresSQL having superuser permissions by default. Version...

Imgproxy <= 3.14.0 - Server-side request forgery (SSRF)

imgproxy =3.14.0 is vulnerable to Server-Side Request Forgery SSRF due to a lack of sanitization of the imageURL parameter. id: CVE-2023-30019 info: name: Imgproxy = 3.14.0 - Server-side request forgery SSRF author: DhiyaneshDK severity: medium description: | imgproxy =3.14.0 is vulnerable to...

Aimhubio Aim Server 3.19.3 - Arbitrary File Overwrite

A vulnerability in the backuprun function in aimhubio/aim version 3.19.3 allows remote attackers to overwrite any file on the host server and exfiltrate arbitrary data. The vulnerability arises due to improper handling of the runhash and repo.path parameters, which can be manipulated to create an...

geojson2kml - Command Injection

Detects command injection vulnerability by checking if hacked.txt is created and contains the expected content. id: CVE-2020-28429 info: name: geojson2kml - Command Injection author: eeche,chae1xx1os,persona-twotwo,soonghee2 severity: critical description: | Detects command injection vulnerabilit...

ISPConfig - PHP Code Injection

An issue was discovered in ISPConfig before 3.2.11p1. PHP code injection can be achieved in the language file editor by an admin if adminallowlangedit is enabled. id: CVE-2023-46818 info: name: ISPConfig - PHP Code Injection author: non-things severity: high description: | An issue was discovered...