CVE-2018-0625

Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with administrator rights to execute arbitrary OS commands via formSysCmd parameter...

CVE-2018-17933

CVE-2018-17933 affects Vecna VGo Robot versions 3.0.3.52164 and 3.0.3.53662 (and earlier). The root issue is improper authorization, allowing user accounts to execute commands outside their privileges, potentially within admin scope, when connected via VGo XAMPP. The IV (under Update A) notes an ...

CVE-2017-13664

Password file exposure in firmware in iSmartAlarm CubeOne version 2.2.4.8 and earlier allows attackers to execute arbitrary commands with administrative privileges by retrieving credentials from this file...

Juniper SSG Series device ScreenOS cross-site scripting vulnerability (CNVD-2017-23955)

The Juniper SSG Series is a family of firewall appliances from Juniper Networks.ScreenOS is one of the operating systems. A cross-site scripting vulnerability exists in Firewall+VPN in ScreenOS on Juniper SSG Series devices. A remote attacker can exploit this vulnerability to inject HTML/JavaScri...

PHP-Nuke 6.x/7.0/7.1 Image Tag Admin Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9895/info It has been reported that PHP-Nuke is prone to a remote admin command execution vulnerability. This issue is due to a design error that allows an attacker to specify arbitrary URI values in bbCode tags contained...

CVE-2013-0083

Cross-site scripting XSS vulnerability in Microsoft SharePoint Server 2010 SP1 allows remote attackers to inject arbitrary web script or HTML via crafted content, leading to administrative command execution, aka "SharePoint XSS Vulnerability."...