TencentOS Server 2: httpd (TSSA-2026:0012)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0012 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...

MiracleLinux 4 : xorg-x11-server-utils-7.4-15.AXS4.1 (AXSA:2011-155:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2011-155:01 advisory. A collection of utilities used to tweak and query the runtime configuration of the X server Security issues fixed with this release; CVE-2011-0465 xrdb.c in...

MiracleLinux 3 : logwatch-7.3-9.AXS3 (AXSA:2011-82:01)

The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2011-82:01 advisory. Logwatch is a customizable, pluggable log-monitoring system. It will go through your logs for a given period of time and make a report in the areas that you wi...

CVE-2023-54339

Webgrind 1.1 contains a remote command execution vulnerability that allows unauthenticated attackers to inject OS commands via the dataFile parameter in index.php. Attackers can execute arbitrary system commands by manipulating the dataFile parameter, such as using payload '0%27%26calc.exe%26%27'...

CVE-2023-54335

eXtplorer 2.1.14 contains an authentication bypass vulnerability that allows attackers to login without a password by manipulating the login request. Attackers can exploit this flaw to upload malicious PHP files and execute remote commands on the vulnerable file management system...

CVE-2023-54335

eXtplorer 2.1.14 contains an authentication bypass vulnerability that allows attackers to login without a password by manipulating the login request. Attackers can exploit this flaw to upload malicious PHP files and execute remote commands on the vulnerable file management system...

CVE-2023-54335

eXtplorer 2.1.14 contains an authentication bypass vulnerability that allows attackers to login without a password by manipulating the login request. Attackers can exploit this flaw to upload malicious PHP files and execute remote commands on the vulnerable file management system...

UBUNTU-CVE-2023-54335

eXtplorer 2.1.14 contains an authentication bypass vulnerability that allows attackers to login without a password by manipulating the login request. Attackers can exploit this flaw to upload malicious PHP files and execute remote commands on the vulnerable file management system...

CVE-2025-69425

The Ruckus vRIoT IoT Controller firmware versions prior to 3.0.0.0 GA expose a command execution service on TCP port 2004 running with root privileges. Authentication to this service relies on a hardcoded Time-based One-Time Password TOTP secret and an embedded static token. An attacker who...

CVE-2025-64091

This vulnerability allows authenticated attackers to execute commands via the NTP-configuration of the device...

CVE-2025-64090

This vulnerability allows authenticated attackers to execute commands via the hostname of the device...

CVE-2026-22601

OpenProject is an open-source, web-based project management software. For OpenProject version 16.6.1 and below, a registered administrator can execute arbitrary command by configuring sendmail binary path and sending a test email. This issue has been patched in version 16.6.2...

CVE-2023-54339 Webgrind 1.1 - Remote Command Execution (RCE) via dataFile Parameter

Webgrind 1.1 contains a remote command execution vulnerability that allows unauthenticated attackers to inject OS commands via the dataFile parameter in index.php. Attackers can execute arbitrary system commands by manipulating the dataFile parameter, such as using payload '0%27%26calc.exe%26%27'...

CVE-2023-54339

Webgrind 1.1 is affected by a remote command execution vulnerability in index.php via the unvalidated dataFile parameter. An unauthenticated attacker can inject and execute OS commands (example payload: '0%27%26calc.exe%26%27'). The issue stems from dataFile handling, enabling arbitrary system co...

CVE-2026-0855

Certain IP Camera models developed by Merit LILIN has a OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the device...

CVE-2023-54329 Inbit Messenger 4.9.0 - Unauthenticated Remote Command Execution (RCE)

Inbit Messenger 4.6.0 - 4.9.0 contains a remote command execution vulnerability that allows unauthenticated attackers to execute arbitrary commands by exploiting a stack overflow in the messenger's protocol. Attackers can send specially crafted XML packets to port 10883 with a malicious payload t...

CVE-2023-54329 Inbit Messenger 4.9.0 - Unauthenticated Remote Command Execution (RCE)

Inbit Messenger 4.6.0 - 4.9.0 contains a remote command execution vulnerability that allows unauthenticated attackers to execute arbitrary commands by exploiting a stack overflow in the messenger's protocol. Attackers can send specially crafted XML packets to port 10883 with a malicious payload t...

CVE-2023-54329

Inbit Messenger 4.6.0–4.9.0 is affected by an unauthenticated remote command execution via a stack overflow in the messenger’s protocol. The vulnerability allows attackers to send specially crafted XML packets to TCP port 10883 to trigger execution of arbitrary commands with system privileges. Th...

CVE-2022-50806 4images 1.9 - Remote Command Execution (RCE)

4images 1.9 contains a remote command execution vulnerability that allows authenticated administrators to inject reverse shell code through template editing functionality. Attackers can save malicious code in the template and execute arbitrary commands by accessing a specific categories.php...

CVE-2022-50806

CVE-2022-50806 affects 4images 1.9. The vulnerability is a remote command execution where authenticated administrators can inject reverse shell code through the template editing feature and execute commands via categories.php with a crafted cat_id parameter. Exploitation details and affected comp...