Apache Struts 2 - DefaultActionMapper Prefixes OGNL Code Execution

In Struts 2 before 2.3.15.1 the information following "action:", "redirect:", or "redirectAction:" is not properly sanitized and will be evaluated as an OGNL expression against the value stack. This introduces the possibility to inject server side code. id: CVE-2013-2251 info: name: Apache Struts...

SmarterMail - Remote Code Execution

SmarterTools SmarterMail build 9511 contains an unauthenticated remote code execution caused by malicious OS command execution via ConnectToHub API method, letting remote attackers execute arbitrary commands, exploit requires no authentication. id: CVE-2026-24423 info: name: SmarterMail - Remote...

Apache CouchDB 1.7.0 / 2.x < 2.1.1 - Remote Privilege Escalation

Due to differences in the Erlang-based JSON parser and JavaScript-based JSON parser, it is possible in Apache CouchDB before 1.7.0 and 2.x before 2.1.1 to submit users documents with duplicate keysfor 'roles' used for access control within the database, including the special case 'admin' role, th...

PhpColl 2.5.1 Arbitrary File Upload

PhpCollab 2.5.1 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in logosclients/ via clients/editclient.php. id: CVE-2017-6090 info: name: PhpColl 2.5.1 Arbitrary File Uplo...

Apache Tomcat - Remote Code Execution

When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled e.g. via setting the readonly initialisation parameter of the Default servlet to false it was possible to upload a JSP file to the server via a specially crafted...

XML-RPC Server - Remote Code Execution

The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows remote authenticated users to execute arbitrary commands via a crafted XML-RPC request, related to nested supervisor namespace lookups. id: CVE-2017-11610 info: name: XML-RPC Serve...

PHPUnit - Remote Code Execution

PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a "?php " substring via Util/PHP/eval-stdin.php , as demonstrated by an attack on a site with an exposed /vendor folder, i.e., external access to the...

Apache Struts2 S2-052 - Remote Code Execution

The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type of filtering, which can lead to remote code execution when deserializing XML payloads. id: CVE-2017-9805 info: name:...

Primetek Primefaces 5.x - Remote Code Execution

Primetek Primefaces 5.x is vulnerable to a weak encryption flaw resulting in remote code execution. id: CVE-2017-1000486 info: name: Primetek Primefaces 5.x - Remote Code Execution author: Moritz Nentwig severity: critical description: Primetek Primefaces 5.x is vulnerable to a weak encryption fl...

Apache OFBiz - Improper Authorization & Remote Code Execution

Improper Authorization vulnerability in Apache OFBiz. This issue affects Apache OFBiz: through 18.12.14. Users are recommended to upgrade to version 18.12.15, which fixes the issue. Unauthenticated endpoints could allow execution of screen rendering code of screens if some preconditions are met...

Apache OFBiz Directory Traversal - Remote Code Execution

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 18.12.13 id: CVE-2024-32113 info: name: Apache OFBiz Directory Traversal - Remote Code Execution author: DhiyaneshDK severity: high description: |...

LG Simple Editor <= v3.21.0 - Command Injection

LG Simple Editor readVideoInfo Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within t...

Chamilo LMS <= 1.11.24 - Remote Code Execution

Unrestricted file upload in big file upload functionality in /main/inc/lib/javascript/bigupload/inc/bigUpload.php in Chamilo LMS = v1.11.24 allows unauthenticated attackers to perform stored cross-site scripting attacks and obtain remote code execution via uploading of web shell. id: CVE-2023-422...

Samsung MagicINFO 9 Server 21.1050.0 - Remote Code Execution

Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1050 allows attackers to write arbitrary file as system authority. id: CVE-2024-7399 info: name: Samsung MagicINFO 9 Server 21.1050.0 - Remote Code Execution author:...

Unauthenticated Remote Code Execution – Bricks <= 1.9.6

Bricks Builder is a popular WordPress development theme with approximately 25,000 active installations. It provides an intuitive drag-and-drop interface for designing and building WordPress websites. Bricks = 1.9.6 is vulnerable to unauthenticated remote code execution RCE which means that anybod...

Veeam Backup & Replication - Unauthenticated

A deserialization of untrusted data vulnerability with a malicious payload can allow an unauthenticated remote code execution RCE. id: CVE-2024-40711 info: name: Veeam Backup & Replication - Unauthenticated author: rootxharsh,iamnoooob,DhiyaneshDK severity: critical description: | A deserializati...

Strapi Versions <=4.5.5 - SSTI to Remote Code Execution

Strapi through 4.5.5 allows authenticated Server-Side Template Injection SSTI that can be exploited to execute arbitrary code on the server. A remote attacker with access to the Strapi admin panel can inject a crafted payload that executes code on the server into an email template that bypasses t...

Cisco IOS XE Web UI - Command Injection

A vulnerability in the web UI component of Cisco IOS XE Software could allow an unauthenticated, remote attacker to execute arbitrary commands with root privileges on the underlying operating system. This vulnerability is due to improper input validation in the web UI. An attacker could exploit...

Anyscale Ray - Remote Code Execution

Anyscale Ray 2.6.3 and 2.8.0 contain a remote code execution vulnerability due to insecure job submission API, allowing attackers to execute arbitrary code remotely if they have network access to the Ray Dashboard API. id: CVE-2023-48022 info: name: Anyscale Ray - Remote Code Execution author:...

Adobe ColdFusion - Deserialization of Untrusted Data

Adobe ColdFusion versions 2018u17 and earlier, 2021u7 and earlier and 2023u1 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction. id: CVE-2023-38203 info: name:...