ManageEngine ADManager Plus - Command Injection

Zoho ManageEngine ADManager Plus through 7180 allows for authenticated users to exploit command injection via Proxy settings. id: CVE-2023-29084 info: name: ManageEngine ADManager Plus - Command Injection author: rootxharsh,iamnoooob,pdresearch severity: high description: | Zoho ManageEngine...

Juniper J-Web - Remote Code Execution

A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series and SRX Series allows an unauthenticated, network-based attacker to control certain environments variables to execute remote commands id: CVE-2023-36845 info: name: Juniper J-Web - Remote Code...

LiteLLM - Command Injection

A critical unauthenticated remote code execution vulnerability exists in LiteLLM due to improper input handling in the MCP stdio test endpoint. An attacker can send a specially crafted request to the /mcp-rest/test/connection endpoint with controlled parameters, resulting in arbitrary command...

MAGMI - Cross-Site Request Forgery

MAGMI Magento Mass Importer is vulnerable to cross-site request forgery CSRF due to a lack of CSRF tokens. Remote code execution via phpcli command is also possible in the event that CSRF is leveraged against an existing admin session. id: CVE-2020-5776 info: name: MAGMI - Cross-Site Request...

Gladinet CentreStack < 16.4.10315.56368 Use of Hard-coded Key Leads to Unauthenticated RCE

Gladinet CentreStack through 16.1.10296.56315 fixed in 16.4.10315.56368 has a deserialization vulnerability due to the CentreStack portal's hardcoded machineKey use, as exploited in the wild in March 2025. This enables threat actors who know the machineKey to serialize a payload for server-side...

WPvivid Backup & Migration <= 0.9.123 - Arbitrary File Upload

WPvivid Backup & Migration plugin for WordPress = 0.9.123 contains an unauthenticated arbitrary file upload vulnerability caused by improper error handling in RSA decryption and lack of path sanitization, letting unauthenticated attackers upload arbitrary PHP files and achieve remote code executi...

n8n Webhooks - Remote Code Execution

n8n is an open source workflow automation platform. Versions starting with 1.65.0 and below 1.121.0 enable an attacker to access files on the underlying server through execution of certain form-based workflows. A vulnerable workflow could grant access to an unauthenticated remote attacker,...

Breeze <= 2.4.4 - Arbitrary File Upload

Breeze Cache WordPress plugin = 2.4.4 contains an unrestricted file upload vulnerability caused by missing file type validation in 'fetchgravatarfromremote' function, letting unauthenticated attackers upload arbitrary files, exploit requires 'Host Files Locally - Gravatars' enabled. id:...

Cockpit Web Console < 360 - Remote Code Execution

Cockpit's remote login feature passes user-supplied hostnames and usernames from the web interface to the SSH client without validation or sanitization. An attacker with network access to the Cockpit web service can craft a single HTTP request to the login endpoint that injects malicious SSH...

SmarterMail - Remote Code Execution

SmarterTools SmarterMail build 9511 contains an unauthenticated remote code execution caused by malicious OS command execution via ConnectToHub API method, letting remote attackers execute arbitrary commands, exploit requires no authentication. id: CVE-2026-24423 info: name: SmarterMail - Remote...

Qwik - Unauthenticated RCE via server$ Deserialization

Qwik =1.19.0 contains an insecure deserialization vulnerability in the server$ RPC mechanism, letting unauthenticated attackers execute arbitrary code remotely, exploit requires require availability at runtime. id: CVE-2026-27971 info: name: Qwik - Unauthenticated RCE via server$ Deserialization...

Ninja Forms File Uploads <= 3.3.26 - Arbitrary File Upload

Ninja Forms File Uploads plugin for WordPress versions up to and including 3.3.26 is vulnerable to unauthenticated arbitrary file upload which could lead to remote code execution. id: CVE-2026-0740 info: name: Ninja Forms File Uploads = 3.3.26 - Arbitrary File Upload author: whattheslime severity...

BillQuick Web Suite SQL Injection

BQE BillQuick Web Suite 2018 through 2021 before 22.0.9.1 allows SQL injection for unauthenticated remote code execution. Successful exploitation can include the ability to execute arbitrary code as MSSQLSERVER$ via xpcmdshell. id: CVE-2021-42258 info: name: BillQuick Web Suite SQL Injection...

Microsoft Exchange - Pre-Auth SSRF / ACL Bypass (ProxyNotFound)

Microsoft Exchange Server contains a remote code execution caused by improper input validation in the server component, letting remote attackers execute arbitrary code, exploit requires network access to the server. id: CVE-2021-28481 info: name: Microsoft Exchange - Pre-Auth SSRF / ACL Bypass...

Hitachi Vantara Pentaho/Business Intelligence Server - Authentication Bypass

Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence Server through 7.x are vulnerable to authentication bypass. The Security Model has different layers of Access Control. One of these layers is the applicationContext security, which is defined in the...

XStream <1.4.17 - Remote Code Execution

XStream before 1.4.17 is susceptible to remote code execution. An attacker can execute commands of the host by manipulating the processed input stream, thereby making it possible to obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of...

Kramer VIAware - Privilege Escalation and Remote Code Execution

Kramer VIAware, all tested versions, allow privilege escalation and remote code execution due to misconfigured sudo permissions. Attackers can execute arbitrary system commands remotely if the web interface is accessible, due to vulnerabilities in the handling of privileged operations through...

AlquistManager Local File Inclusion

AlquistManager branch as of commit 280d99f43b11378212652e75f6f3159cde9c1d36 is affected by a directory traversal vulnerability in alquist/IO/input.py. This attack can cause the disclosure of critical secrets stored anywhere on the system and can significantly aid in getting remote code access. id...

vRealize Operations Manager API - Server-Side Request Forgery

vRealize Operations Manager API is susceptible to server-side request forgery. A malicious actor with network access to the vRealize Operations Manager API can steal administrative credentials or trigger remote code execution using CVE-2021-21983. id: CVE-2021-21975 info: name: vRealize Operation...

SDT-CW3B1 1.1.0 - OS Command Injection

Telesquare SDT-CW3B1 1.1.0 is affected by an OS command injection vulnerability that allows a remote attacker to execute OS commands without any authentication. id: CVE-2021-46422 info: name: SDT-CW3B1 1.1.0 - OS Command Injection author: badboycxcc,prajiteshsingh severity: critical description: ...