155 matches found
CVE-2002-2348
Cross-site scripting (XSS) vulnerability in athcgi.exe in Authoria HR allows remote attackers to inject arbitrary web script or HTML via the command parameter...
CVE-2025-45857
EDIMAX CV7428NS v1.20 was discovered to contain a remote code execution (RCE) vulnerability via the command parameter in the mp function...
PT-2025-20922 · Edimax · Edimax Cv7428Ns
Name of the Vulnerable Software and Affected Versions: EDIMAX CV7428NS version 1.20 Description: A remote code execution issue was discovered, allowing exploitation via the command parameter in the mp function. Recommendations: For EDIMAX CV7428NS version 1.20, consider restricting access to the ...
DEBIAN-CVE-2025-2361
A vulnerability was found in Mercurial SCM 4.5.3/71.19.145.211. It has been declared as problematic. This vulnerability affects unknown code of the component Web Interface. The manipulation of the argument cmd leads to cross site scripting. The attack can be initiated remotely. The exploit has be...
reNgine injection vulnerability
reNgine is an automated reconnaissance framework for web applications from the individual developer Yogesh Ojha. Focused on a highly configurable streamlined scouting process supported by an engine, scouting data association and organization, continuous monitoring, supported by a database and a...
CVE-2025-22905
RE11S v1.11 was discovered to contain a command injection vulnerability via the command parameter at /goform/mp...
CVE-2024-51151
D-Link DI-8200 16.07.26A1 is vulnerable to remote command execution in the mspinfohtm function via the flag parameter and cmd parameter...
Xcomic operating system command injection vulnerability
Xcomic is a comic management script by the individual developer Michael Huynh. An operating system command injection vulnerability exists in Xcomic version 0.8.2 and earlier, which stems from the fact that manipulation of the cmd parameter can lead to operating system command injection...
CVE-2024-41319
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the cmd parameter in the webcmd function...
flatpak: sandbox escape via RequestBackground portal
A flaw was found in Flatpak, a system for building, distributing, and running sandboxed desktop applications on Linux. Normally, the "--command" argument of "flatpak run" expects being given a command to run in the specified Flatpak app, along with optional arguments. However, it is possible to...
Slackware: Security Advisory (SSA:2024-103-01)
The remote host is missing an update for the...
Telesquare TLR-2005Ksh security vulnerability
The Telesquare TLR-2005Ksh is a wireless router from the South Korean company Telesquare. A security vulnerability exists in Telesquare TLR-2005Ksh version 1.0.0 and 1.1.4, which originated from a vulnerability that allows an attacker to run arbitrary system commands via the Cmd parameter...
UBUNTU-CVE-2021-47079
In the Linux kernel, the following vulnerability has been resolved: platform/x86: ideapad-laptop: fix a NULL pointer dereference The third parameter of dytccqlcommand should not be NULL since it will be dereferenced immediately...
TOTOLINK N200RE command parameter buffer overflow vulnerability
The TOTOLINK N200RE is a wireless router for the SOHO market. The TOTOLINK N200RE suffers from a buffer overflow vulnerability that originates from a stack-based buffer overflow in the command parameter of the setDiagnosisCfg function of /cgi-bin/cstecgi.cgi. No detailed vulnerability details are...
PT-2024-15962 · Unknown · Asterisk-Cli +1
Name of the Vulnerable Software and Affected Versions: Issabel PBX version 4.0.0 Description: A critical issue affects the processing of the file /index.php?menu=asterisk cli of the component Asterisk-Cli. The manipulation of the argument Command leads to os command injection. The attack may be...
CVE-2023-43455
An issue in TOTOLINK X6000R V9.4.0cu.652_B20230116 and V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the command parameter of the setting/setTracerouteCfg component...
CVE-2023-43455
CVE-2023-43455 affects TOTOLINK X6000R versions V9.4.0cu.652_B20230116 through V9.4.0cu.852_B20230719. The issue allows a remote attacker to execute arbitrary code via the command parameter of the setting/setTracerouteCfg component. Root cause details are not expanded beyond this parameter ha...