Lucene search
K

16 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2013-5303

Malware in sbrugna...

4.3CVSS6.4AI score0.011EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2018-18050

Malware in sbrugna...

10CVSS9.5AI score0.06723EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-0886

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.00676EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/07/23 1:50 p.m.14 views

CVE-2018-25114 osCommerce 2.3.4.1 Installer Unauthenticated Configuration File Injection PHP Code Execution

A remote code execution vulnerability exists within osCommerce Online Merchant version 2.3.4.1 due to insecure default configuration and missing authentication in the installer workflow. By default, the /install/ directory remains accessible after installation. An unauthenticated attacker can...

9.3CVSS0.0282EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/07/23 1:50 p.m.4 views

CVE-2018-25114 osCommerce 2.3.4.1 Installer Unauthenticated Configuration File Injection PHP Code Execution

A remote code execution vulnerability exists within osCommerce Online Merchant version 2.3.4.1 due to insecure default configuration and missing authentication in the installer workflow. By default, the /install/ directory remains accessible after installation. An unauthenticated attacker can...

9.3CVSS7.8AI score0.0282EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 8:9 a.m.12 views

CVE-2024-27287

ESPHome is a system to control your ESP8266/ESP32 for Home Automation systems. Starting in version 2023.12.9 and prior to version 2024.2.2, editing the configuration file API in dashboard component of ESPHome version 2023.12.9 command line installation and Home Assistant add-on serves unsanitized...

6.5CVSS7.3AI score0.00676EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:39 p.m.6 views

CVE-2021-30461

A remote code execution issue was discovered in the web UI of VoIPmonitor before 24.61. When the recheck option is used, the user-supplied SPOOLDIR value which might contain PHP code is injected into config/configuration.php...

9.8CVSS7.8AI score0.36632EPSS
Exploits5References1
SUSE CVE
SUSE CVE
added 2023/02/15 6:4 a.m.2 views

SUSE CVE-2009-1285

Static code injection vulnerability in the getConfigFile function in setup/lib/ConfigFile.class.php in phpMyAdmin 3.x before 3.1.3.2 allows remote attackers to inject arbitrary PHP code into configuration files...

7.5CVSS7.8AI score0.10914EPSS
Exploits3References3
seebug.org
seebug.org
added 2021/08/11 12:0 a.m.834 views

Buffalo和Arcadyan多款路由器认证绕过RCE等多个漏洞

Tenable has discovered multiple vulnerabilities in routers manufactured by Arcadyan. During the disclosure process for the issues discovered in the Buffalo routers, Tenable discovered that CVE-2021-20090 affected many more devices, as the root cause of the vulnerability exists in the underlying...

7.5CVSS0.2AI score0.99983EPSS
Exploits5
exploitpack
exploitpack
added 2018/02/27 12:0 a.m.40 views

CMS Made Simple 2.1.6 - Remote Code Execution

CMS Made Simple 2.1.6 - Remote Code Execution Exploit Title: CMS Made Simple 2.1.6 - Remote Code Execution Date: 2018-02-26 Exploit Author: Keerati T. Vendor Homepage: http://www.cmsmadesimple.org/ Software Link: http://s3.amazonaws.com/cmsms/downloads/13570/cmsms-2. 1.6-install.zip Version: 2.1....

8.5CVSS0.1AI score0.12994EPSS
Exploits5
NVD
NVD
added 2018/02/06 3:29 p.m.30 views

CVE-2018-6289

Configuration file injection leading to Code Execution as Root in Kaspersky Secure Mail Gateway version 1.1...

10CVSS9.7AI score0.06723EPSS
Exploits1References2
Prion
Prion
added 2018/02/06 3:29 p.m.15 views

Design/Logic Flaw

Configuration file injection leading to Code Execution as Root in Kaspersky Secure Mail Gateway version 1.1...

10CVSS9.6AI score0.06723EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2018/02/06 3:0 p.m.28 views

CVE-2018-6289

Configuration file injection leading to Code Execution as Root in Kaspersky Secure Mail Gateway version 1.1...

9.8AI score0.06723EPSS
Exploits1References2
CVE
CVE
added 2018/02/06 3:0 p.m.47 views

CVE-2018-6289

Kaspersky Secure Mail Gateway 1.1.0.379 has a Web Management Console vulnerability (CVE-2018-6289) that allows configuration-file injection into /etc/postfix/main.cf, enabling arbitrary commands to execute as root. The Core Security advisory CORE-2017-0010 details that adding a crafted BCC addres...

10CVSS9.6AI score0.06723EPSS
Exploits1References2Affected Software1
0day.today
0day.today
added 2013/02/05 12:0 a.m.31 views

Nagios XI 2012R1.5b XSS / Command Execution / SQL Injection / CSRF

Nagios XI version 2012R1.5b suffers from cross site request forgery, cross site scripting, remote command injection, and remote SQL injection vulnerabilities. Reflected XSS: Alert Cloud Component: Example URL: http://nagiosxiserver/nagiosxi/includes/components/alertcloud/index.php?width=800";...

8.2AI score
Exploits0
Packet Storm
Packet Storm
added 2013/02/03 12:0 a.m.37 views

Nagios XI 2012R1.5b XSS / Command Execution / SQL Injection / CSRF

Reflected XSS: Alert Cloud Component: Example URL: http://nagiosxiserver/nagiosxi/includes/components/alertcloud/index.php?width=800"; alert'xss'; var aa="a" : "b" : " The vulnerable code in Alert Cloud's index.php appears to have been copied and pasted into several other components as well...

1AI score
Exploits0
Rows per page
Query Builder