Quiz and Survey Master <= 8.1.4 - SQL Injection

ExpressTech Quiz And Survey Master versions up to 8.1.4 contains an SQL injection caused by improper neutralization of special elements used in SQL commands, letting attackers execute arbitrary SQL queries, exploit requires user interaction. id: CVE-2023-28787 info: name: Quiz and Survey Master =...

Apache Pinot < 1.3.0 - Authentication Bypass

This vulnerability allows remote attackers to bypass authentication on affected installations of Apache Pinot. Authentication is not required to exploit this vulnerability.The specific flaw exists within the AuthenticationFilter class. The issue results from insufficient neutralization of special...

VelotiSmart Wifi - Directory Traversal

VelotiSmart WiFi B-380 camera devices allow directory traversal via the uc-http service 1.0.0, as demonstrated by /../../etc/passwd on TCP port 80. id: CVE-2018-14064 info: name: VelotiSmart Wifi - Directory Traversal author: 0xAkoko severity: critical description: VelotiSmart WiFi B-380 camera...

Netgear R6850 V1.1.0.88 - Command Injection

Netgear R6850 router firmware version V1.1.0.88 suffers from a command injection vulnerability in the pingtest functionality. An unauthenticated attacker can inject arbitrary system commands through the c4IPAddr parameter, resulting in remote code execution as root. id: CVE-2024-30568 info: name:...

Vipshop Saturn Console <= 3.5.1 - SQL Injection via ClusterKey Component

SQL injection vulnerability in vipshop Saturn v.3.5.1 and before allows a remote attacker to execute arbitrary code via /console/dashboard/executorCount?zkClusterKey component. id: CVE-2025-29085 info: name: Vipshop Saturn Console = 3.5.1 - SQL Injection via ClusterKey Component author:...

Shopware < 6.5.8.13 - SQL Injection

The Shopware application API contains a search functionality which enables users to search through information stored within their Shopware instance. The searches performed by this function can be aggregated using the parameters in the "aggregations" object. The name field in this "aggregations" ...

Kemp LoadMaster Load Balancer - Unauthenticated Command Injection

Improper Input Validation vulnerability in Progress LoadMaster allows OS Command Injection.This issue affects: LoadMaster: 7.2.40.0 and above. ECS: All versions.Multi-Tenancy: 7.1.35.4 and above. id: CVE-2024-7591 info: name: Kemp LoadMaster Load Balancer - Unauthenticated Command Injection autho...

ASUS DSL-AC88U - Authentication Bypass

A vulnerability in the ASUS DSL-AC88U router permits unauthorized individuals to bypass authentication.When adding "/js/..%2f%2f" or "/images/..%2f%2e" to the requested URL, it will be recognized as passing the authentication.This vulnerability is part of a broader authentication bypass issue...

pfSense pfBlockerNG - OS Command Injection

pfSense pfBlockerNG through 2.1.427 allows remote attackers to execute arbitrary OS commands as root via the HTTP Host header. id: CVE-2022-40624 info: name: pfSense pfBlockerNG - OS Command Injection author: ritikchaddha severity: critical description: | pfSense pfBlockerNG through 2.1.427 allow...

CentOS Web Panel - SQL Injection

The unprivileged user portal part of CentOS Web Panel is affected by a SQL Injection via the 'idsession' HTTP POST parameter. id: CVE-2021-31316 info: name: CentOS Web Panel - SQL Injection author: ritikchaddha severity: critical description: | The unprivileged user portal part of CentOS Web Pane...

Mitel MiCollab - Arbitary File Read

The Mitel Collab Arbitrary File Read vulnerability allows an unauthenticated attacker to read arbitrary files from the underlying file system on a Mitel Collab server. Exploiting this flaw involves sending specially crafted requests to the server, bypassing access controls and allowing the attack...

TP-Link Archer C20 - Authentication Bypass

A vulnerability in the TP-Link Archer C20 router with firmware version V6.6230412 and earlier permits unauthorized individuals to bypass authentication on interfaces under the /cgi directory. When adding a Referer header with value "http://tplinkwifi.net" to requests, the router will recognize th...

CentOS Web Panel - OS Command Injection

The unprivileged user portal part of CentOS Web Panel is affected by a Command Injection vulnerability leading to root Remote Code Execution. id: CVE-2021-31324 info: name: CentOS Web Panel - OS Command Injection author: ritikchaddha severity: critical description: | The unprivileged user portal...

Roundcube Webmail - Command Injection

Roundcube Webmail before 1.4.4 contains a command injection caused by shell metacharacters in configuration settings for imconvertpath or imidentifypath, letting attackers execute arbitrary code, exploit requires attacker to control configuration settings. id: CVE-2020-12641 info: name: Roundcube...

WordPress ShowBiz Pro <= 1.7.1 - Authenticated Arbitrary File Upload to RCE

The WordPress ShowBiz Pro plugin version = 1.7.1 allows arbitrary PHP file upload via the admin-ajax.php endpoint.This leads to unauthenticated remote code execution. id: CVE-2015-9499 info: name: WordPress ShowBiz Pro = 1.7.1 - Authenticated Arbitrary File Upload to RCE author:...

Hunk Companion <= 1.8.4 - Arbitrary Plugin Installation

The Hunk Companion plugin for WordPress is vulnerable to unauthorized plugin installation/activation due to a missing capability check on the /wp-json/hc/v1/themehunk-import REST API endpoint in all versions up to, and including, 1.8.4. This makes it possible for unauthenticated attackers to...

n8n Webhooks - Remote Code Execution

n8n is an open source workflow automation platform. Versions starting with 1.65.0 and below 1.121.0 enable an attacker to access files on the underlying server through execution of certain form-based workflows. A vulnerable workflow could grant access to an unauthenticated remote attacker,...

Pterodactyl Panel - Remote Code Execution

Pterodactyl is a free, open-source game server management panel. Using the /locales/locale.json with the locale and namespace query parameters, a malicious actor is able to execute arbitrary code without being authenticated. id: CVE-2025-49132 info: name: Pterodactyl Panel - Remote Code Execution...

UniFi OS Server - Command Injection

A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection. id: CVE-2026-34910 info: name: UniFi OS Server - Command Injection author: Kazgangap severity: critical description: | A malicious actor...

WordPress WP Clone <= 2.4.2 - Database Backup Exposure

Clone WordPress plugin 2.4.3 contains a buffer overflow caused by storing in-progress backup information in publicly accessible buffer files at a static file path, letting attackers access sensitive backup data, exploit requires no special privileges id: CVE-2023-6750 info: name: WordPress WP Clo...