1801 matches found
CVE-2025-63334
PocketVJ CP PocketVJ-CP-v3 pvj version 3.9.1 contains an unauthenticated remote code execution vulnerability in the submitopacity.php component. The application fails to sanitize user input in the opacityValue POST parameter before passing it to a shell command, allowing remote attackers to execu...
PT-2025-45161
Name of the Vulnerable Software and Affected Versions PocketVJ CP versions 3.9.1 Description The application does not properly sanitize user input in the opacityValue POST parameter before it is used in a shell command. This allows remote attackers to execute arbitrary commands with root privileg...
CVE-2013-10073
CVE-2013-10073 affects Nagios XI versions prior to 2012R1.6. The Auto-Discovery tool accepts user-controlled input that is passed to a shell without adequate sanitation or argument quoting, enabling an authenticated user with discovery access to execute arbitrary commands with the privileges of t...
CVE-2013-10073 Nagios XI < 2012R1.6 Auto-Discovery Shell Command Injection
Nagios XI versions prior to 2012R1.6 contain a shell command injection vulnerability in the Auto-Discovery tool. User-controlled input is passed to a shell without adequate sanitation or argument quoting, allowing an authenticated user with access to discovery functionality to execute arbitrary...
CVE-2013-10073 Nagios XI < 2012R1.6 Auto-Discovery Shell Command Injection
Nagios XI versions prior to 2012R1.6 contain a shell command injection vulnerability in the Auto-Discovery tool. User-controlled input is passed to a shell without adequate sanitation or argument quoting, allowing an authenticated user with access to discovery functionality to execute arbitrary...
CVE-2025-61141
sqls-server/sqls 0.2.28 is vulnerable to command injection in the config command because the openEditor function passes the EDITOR environment variable and config file path to sh -c without sanitization, allowing attackers to execute arbitrary commands...
PT-2025-44535
Name of the Vulnerable Software and Affected Versions Nagios XI versions prior to 2012R1.6 Description Nagios XI versions prior to 2012R1.6 contain a shell command injection issue in the Auto-Discovery tool. User-controlled input is passed to a shell without proper sanitization or argument quotin...
GHSA-RJ5C-58RQ-J5G5 FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name
Summary A command-injection vulnerability lets any attacker who can influence the servername field of an MCP execute arbitrary OS commands on Windows hosts that run fastmcp install cursor Details 1. generatecursordeeplinkservername, … embeds servername verbatim in a cursor://…?name= query string...
WordPressCVEExploitProject
CVE Session 1 How to Run exploit 1. Build the docker...
CVE-2025-10680
OpenVPN 2.7alpha1 through 2.7beta1 on POSIX based platforms allows a remote authenticated server to inject shell commands via DNS variables when --dns-updown is in use...
CVE-2016-15048 AMTT HiBOS Command Injection RCE via server_ping.php
AMTT Hotel Broadband Operation System HiBOS contains an unauthenticated command injection vulnerability in the /manager/radius/serverping.php endpoint. The application constructs a shell command that includes the user-supplied ip parameter and executes it without proper validation or escaping. An...
VulnCheck KEV: CVE-2016-15048
AMTT Hotel Broadband Operation System HiBOS contains an unauthenticated command injection vulnerability in the /manager/radius/serverping.php endpoint. The application constructs a shell command that includes the user-supplied ip parameter and executes it without proper validation or escaping. An...
BESTWOND Intelligent Flow Control Router 安全漏洞
BESTWOND Intelligent Flow Control Router is an intelligent flow control router from China's BESTWOND. A security vulnerability exists in the BESTWOND Intelligent Flow Control Router that stems from not properly validating the path parameter and displaying it back to the shell environment, which...
EUVD-2017-5980
Malware in sbrugna...
EUVD-2017-5978
Malware in sbrugna...
EUVD-2020-0299
Malware in sbrugna...
EUVD-2020-12770
Malware in sbrugna...
EUVD-2019-16925
Malware in sbrugna...
EUVD-2016-6813
Malware in sbrugna...
EUVD-2018-0740
Malware in sbrugna...