CVE-1999-0509

Perl, sh, csh, or other shell interpreters are installed in the cgi-bin directory on a WWW site, which allows remote attackers to execute arbitrary commands...

CVE-1999-0185

In SunOS or Solaris, a remote user could connect from an FTP server's data port to an rlogin server on a host that trusts the FTP server, allowing remote command execution...

CVE-1999-0365

The metamail package allows remote command execution using shell metacharacters that are not quoted in a mailcap entry...

CVE-1999-0150

The Perl fingerd program allows arbitrary command execution from remote users...

CVE-1999-0679

Buffer overflow in hybrid-6 IRC server commonly used on EFnet allows remote attackers to execute commands via minvite invite option...

CVE-1999-0204

Sendmail 8.6.9 allows remote attackers to execute root commands, using ident...

CVE-1999-0332

Buffer overflow in NetMeeting allows denial of service and remote command execution...

CVE-1999-0152

The DG/UX finger daemon allows remote command execution through shell metacharacters...

CVE-1999-0404

Buffer overflow in the Mail-Max SMTP server for Windows systems allows remote command execution...

CVE-2019-7295

typora through 0.9.63 has XSS, with resultant remote command execution, during block rendering of a mathematical formula...

CVE-2019-7300

Artica Proxy 3.06.200056 allows remote attackers to execute arbitrary commands as root by reading the ressources/settings.inc ldapadmin and ldappassword fields, using these credentials at logon.php, and then entering the commands in the admin.index.php command-line field...

CVE-2019-16730

processCommandUpgrade in libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user...

CVE-2019-16891

Liferay Portal CE 6.2.5 allows remote command execution because of deserialization of a JSON payload...

CVE-2019-16734

Use of default credentials for the TELNET server in Petwant PF-103 firmware 4.3.2.50 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user...

CVE-2019-16755

BMC Remedy ITSM Suite is prone to unspecified vulnerabilities in both DWP and SmartIT components, which can permit remote attackers to perform pre-authenticated remote commands execution on the Operating System running the targeted application. Affected DWP versions: versions: 3.x to 18.x, all...

CVE-2019-12185

eLabFTW 1.8.5 is vulnerable to arbitrary file uploads via the /app/controllers/EntityController.php component. This may result in remote command execution. An attacker can use a user account to fully compromise the system using a POST request. This will allow for PHP files to be written to the we...

CVE-2019-12725

Zeroshell 3.9.0 is prone to a remote command execution vulnerability. Specifically, this issue occurs because the web application mishandles a few HTTP parameters. An unauthenticated attacker can exploit this issue by injecting OS commands inside the vulnerable parameters...

CVE-2019-12868

app/Model/Server.php in MISP 2.4.109 allows remote command execution by a super administrator because the PHP fileexists function is used with user-controlled entries, and phar:// URLs trigger deserialization...

CVE-2019-12744

SeedDMS before 5.1.11 allows Remote Command Execution RCE because of unvalidated file upload of PHP scripts, a different vulnerability than CVE-2018-12940...

EUVD-2025-206251

A vulnerability was detected in TRENDnet TEW-713RE 1.02. The impacted element is an unknown function of the file /goformX/formFSrvX. The manipulation of the argument SZCMD results in os command injection. It is possible to launch the attack remotely. The exploit is now public and may be used. The...