Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3872 matches found

ATTACKERKB
ATTACKERKBadded 2026/03/29 11:0 p.m.7 views

CVE-2026-5101

A vulnerability was identified in Totolink A3300R 17.0.0cu.557b20221024. This affects the function setLanCfg of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler. The manipulation of the argument lanIp leads to command injection. Remote exploitation of the attack is possible. The...

6.5CVSS5.7AI score0.02179EPSS
Exploits1References5Affected Software1
NVD
NVDadded 2026/03/29 5:16 p.m.5 views

CVE-2026-34005

In Sofia on Xiongmai DVR/NVR AHB7008T-MH-V2 and NBD7024H-P 4.03.R11 devices, root OS command injection can occur via shell metacharacters in the HostName value via an authenticated DVRIP protocol TCP port 34567 request to the NetWork.NetCommon configuration handler, because system is used...

8.8CVSS0.01539EPSS
Exploits0References2
NVD
NVDadded 2026/03/29 10:15 a.m.4 views

CVE-2026-5041

A vulnerability was identified in code-projects Chamber of Commerce Membership Management System 1.0. Impacted is the function fwrite of the file admin/pageMail.php. The manipulation of the argument mailSubject/mailMessage leads to command injection. The attack may be initiated remotely. The...

5.8CVSS0.01894EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/03/29 9:45 a.m.3 views

CVE-2026-5041

A vulnerability was identified in code-projects Chamber of Commerce Membership Management System 1.0. Impacted is the function fwrite of the file admin/pageMail.php. The manipulation of the argument mailSubject/mailMessage leads to command injection. The attack may be initiated remotely. The...

5.8CVSS5.8AI score0.01894EPSS
Exploits0References5Affected Software1
Cvelist
Cvelistadded 2026/03/29 9:45 a.m.36 views

CVE-2026-5041 code-projects Chamber of Commerce Membership Management System pageMail.php fwrite command injection

A vulnerability was identified in code-projects Chamber of Commerce Membership Management System 1.0. Impacted is the function fwrite of the file admin/pageMail.php. The manipulation of the argument mailSubject/mailMessage leads to command injection. The attack may be initiated remotely. The...

5.8CVSS0.01894EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2026/03/29 9:45 a.m.5 views

CVE-2026-5041 code-projects Chamber of Commerce Membership Management System pageMail.php fwrite command injection

A vulnerability was identified in code-projects Chamber of Commerce Membership Management System 1.0. Impacted is the function fwrite of the file admin/pageMail.php. The manipulation of the argument mailSubject/mailMessage leads to command injection. The attack may be initiated remotely. The...

5.8CVSS5.8AI score0.01894EPSS
Exploits0References5
EUVD
EUVDadded 2026/03/29 6:31 a.m.3 views

EUVD-2026-16971

A vulnerability has been found in Totolink NR1800X 9.1.0u.6279B20210910. This issue affects the function NTPSyncWithHost of the file /cgi-bin/cstecgi.cgi of the component Telnet Service. The manipulation of the argument hosttime leads to command injection. The attack can be initiated remotely. Th...

6.5CVSS5.6AI score0.02281EPSS
Exploits1References6
ATTACKERKB
ATTACKERKBadded 2026/03/29 3:30 a.m.2 views

CVE-2026-5030

A vulnerability has been found in Totolink NR1800X 9.1.0u.6279B20210910. This issue affects the function NTPSyncWithHost of the file /cgi-bin/cstecgi.cgi of the component Telnet Service. The manipulation of the argument hosttime leads to command injection. The attack can be initiated remotely. Th...

6.5CVSS6.3AI score0.02281EPSS
Exploits1References5Affected Software1
NVD
NVDadded 2026/03/29 1:15 a.m.3 views

CVE-2026-5020

A vulnerability was detected in Totolink A3600R 4.1.2cu.5182B20201102. Affected by this issue is the function setNoticeCfg of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler. The manipulation of the argument NoticeUrl results in command injection. The attack may be launched...

9.8CVSS0.02234EPSS
Exploits1References5
ATTACKERKB
ATTACKERKBadded 2026/03/29 12:30 a.m.1 views

CVE-2026-5020

A vulnerability was detected in Totolink A3600R 4.1.2cu.5182B20201102. Affected by this issue is the function setNoticeCfg of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler. The manipulation of the argument NoticeUrl results in command injection. The attack may be launched...

6.5CVSS5.7AI score0.02234EPSS
Exploits1References5Affected Software1
Cvelist
Cvelistadded 2026/03/29 12:30 a.m.33 views

CVE-2026-5020 Totolink A3600R Parameter cstecgi.cgi setNoticeCfg command injection

A vulnerability was detected in Totolink A3600R 4.1.2cu.5182B20201102. Affected by this issue is the function setNoticeCfg of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler. The manipulation of the argument NoticeUrl results in command injection. The attack may be launched...

6.5CVSS0.02234EPSS
Exploits1References5
Positive Technologies
Positive Technologiesadded 2026/03/29 12:0 a.m.5 views

PT-2026-28755

A vulnerability was identified in Totolink A3300R 17.0.0cu.557 b20221024. This affects the function setLanCfg of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler. The manipulation of the argument lanIp leads to command injection. Remote exploitation of the attack is possible. The...

6.5CVSS5.7AI score0.02179EPSS
Exploits1References7
EUVD
EUVDadded 2026/03/28 9:33 p.m.3 views

EUVD-2026-16943

A flaw has been found in elecV2 elecV2P up to 3.8.3. This issue affects the function pm2run of the file /rpc. Executing a manipulation can lead to os command injection. The attack can be executed remotely. The exploit has been published and may be used. The project was informed of the problem ear...

7.5CVSS6.7AI score0.01381EPSS
Exploits0References6
NVD
NVDadded 2026/03/28 8:16 p.m.5 views

CVE-2026-5012

A flaw has been found in elecV2 elecV2P up to 3.8.3. This issue affects the function pm2run of the file /rpc. Executing a manipulation can lead to os command injection. The attack can be executed remotely. The exploit has been published and may be used. The project was informed of the problem ear...

7.5CVSS0.01381EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/03/28 7:15 p.m.3 views

CVE-2026-5012

A flaw has been found in elecV2 elecV2P up to 3.8.3. This issue affects the function pm2run of the file /rpc. Executing a manipulation can lead to os command injection. The attack can be executed remotely. The exploit has been published and may be used. The project was informed of the problem ear...

7.5CVSS5.6AI score0.01381EPSS
Exploits0References5Affected Software1
RedhatCVE
RedhatCVEadded 2026/03/28 4:59 p.m.3 views

CVE-2026-4620

OS Command Injection vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to execute arbitrary OS commands via network...

7.1CVSS6.1AI score0.00996EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/03/28 12:0 a.m.4 views

PT-2026-28726

Name of the Vulnerable Software and Affected Versions elecV2 versions prior to 3.8.4 Description A flaw exists in elecV2, specifically in the pm2run function within the /rpc file. A manipulation of this function can lead to operating system command injection. This issue can be exploited remotely...

7.5CVSS5.7AI score0.01381EPSS
Exploits0References7
Vulnrichment
Vulnrichmentadded 2026/03/27 11:53 a.m.4 views

CVE-2026-4620

OS Command Injection vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to execute arbitrary OS commands via network...

7.1CVSS6.1AI score0.00996EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/03/27 4:59 a.m.7 views

CVE-2026-4840

A security flaw has been discovered in Netcore Power 15AX up to 3.0.0.6938. Affected by this issue is the function setTools of the file /bin/netis.cgi of the component Diagnostic Tool Interface. Performing a manipulation of the argument IpAddr results in os command injection. Remote exploitation ...

9CVSS6.7AI score0.08263EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/03/27 12:0 a.m.5 views

PT-2026-31589

Name of the Vulnerable Software and Affected Versions Totolink A7100RU version 7.4cu.2313 b20191024 Description A vulnerability exists in the Totolink A7100RU version 7.4cu.2313 b20191024. The issue is related to the setVpnPassCfg function within the CGI Handler component, specifically in the fil...

10CVSS7.3AI score0.15952EPSS
Exploits0References13
Rows per page
Query Builder