410 matches found
CVE-2026-1734
CVE-2026-1734 affects Zhong Bang CRMEB up to 5.6.3, specifically the crontab Endpoint’s CrontabController.php. The root cause is missing authorization in the crontab endpoint, enabling remote exploitation. Public PoC/exploit information appears in the entry and related sources, indicating real-wo...
Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service
CVE-2019-9704 Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service daemon crash via a large crontab file because the calloc return value is not checked. CVE-2019-9705 Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of...
CVE-2023-50922
An issue was discovered on GL.iNet devices through 4.5.0. Attackers who are able to steal the AdminToken cookie can execute arbitrary code by uploading a crontab-formatted file to a specific directory and waiting for its execution. This affects A1300 4.4.6, AX1800 4.4.6, AXT1800 4.4.6, MT3000...
CVE-2017-18451
cPanel before 64.0.21 allows attackers to read a user's crontab file during a short time interval upon a cPAddon upgrade SEC-257...
CVE-1999-0872
Buffer overflow in Vixie cron allows local users to gain root access via a long MAILTO environment variable in a crontab file...
CVE-2018-25148 Microhard Systems IPn4G 1.1.0 Remote Code Execution via Admin Interface
Microhard Systems IPn4G 1.1.0 contains multiple authenticated remote code execution vulnerabilities in the admin interface that allow attackers to create crontab jobs and modify system startup scripts. Attackers can exploit hidden admin features to execute arbitrary commands with root privileges,...
CVE-2018-25148 Microhard Systems IPn4G 1.1.0 Remote Code Execution via Admin Interface
Microhard Systems IPn4G 1.1.0 contains multiple authenticated remote code execution vulnerabilities in the admin interface that allow attackers to create crontab jobs and modify system startup scripts. Attackers can exploit hidden admin features to execute arbitrary commands with root privileges,...
PT-2025-53368
Microhard Systems IPn4G 1.1.0 contains multiple authenticated remote code execution vulnerabilities in the admin interface that allow attackers to create crontab jobs and modify system startup scripts. Attackers can exploit hidden admin features to execute arbitrary commands with root privileges,...
CVE-2023-53945
BrainyCP 1.0 contains an authenticated remote code execution vulnerability that allows logged-in users to inject arbitrary commands through the crontab configuration interface. Attackers can exploit the crontab endpoint by adding a malicious command that spawns a reverse shell to a specified IP a...
EUVD-2025-204599
BrainyCP 1.0 contains an authenticated remote code execution vulnerability that allows logged-in users to inject arbitrary commands through the crontab configuration interface. Attackers can exploit the crontab endpoint by adding a malicious command that spawns a reverse shell to a specified IP a...
CVE-2023-53945
BrainyCP 1.0 contains an authenticated remote code execution vulnerability that allows logged-in users to inject arbitrary commands through the crontab configuration interface. Attackers can exploit the crontab endpoint by adding a malicious command that spawns a reverse shell to a specified IP a...
CVE-2023-53945
BrainyCP 1.0 contains an authenticated remote code execution vulnerability that allows logged-in users to inject arbitrary commands through the crontab configuration interface. Attackers can exploit the crontab endpoint by adding a malicious command that spawns a reverse shell to a specified IP a...
CVE-2023-53945 BrainyCP 1.0 Remote Code Execution via Authenticated Crontab Manipulation
BrainyCP 1.0 contains an authenticated remote code execution vulnerability that allows logged-in users to inject arbitrary commands through the crontab configuration interface. Attackers can exploit the crontab endpoint by adding a malicious command that spawns a reverse shell to a specified IP a...
CVE-2023-53945 BrainyCP 1.0 Remote Code Execution via Authenticated Crontab Manipulation
BrainyCP 1.0 contains an authenticated remote code execution vulnerability that allows logged-in users to inject arbitrary commands through the crontab configuration interface. Attackers can exploit the crontab endpoint by adding a malicious command that spawns a reverse shell to a specified IP a...
CVE-2023-53945
BrainyCP 1.0 is affected by an authenticated remote code execution vulnerability via the crontab configuration interface. The issue allows logged-in users to inject arbitrary commands, with exploit examples describing a payload that spawns a reverse shell to a specified IP/port. Several connected...
Brainy BrainyCP 操作系统命令注入漏洞
Brainy BrainyCP is a web hosting control panel from Brainy. An operating system command injection vulnerability exists in Brainy BrainyCP version 1.0, which stems from a remote code execution vulnerability in the crontab configuration interface that could lead to the execution of arbitrary comman...
PT-2025-52516
Name of the Vulnerable Software and Affected Versions BrainyCP version 1.0 Description BrainyCP version 1.0 has an authenticated remote code execution issue. Logged-in users can inject arbitrary commands through the crontab configuration interface. Attackers can exploit the issue by adding a...
EUVD-2011-5269
Nagios XI versions prior to 2011R1.9 contain privilege escalation vulnerabilities in the scripts that install or update system crontab entries. Due to time-of-check/time-of-use race conditions and missing synchronization or final-path validation, a local low-privileged user could manipulate...
CVE-2011-10035
Nagios XI versions prior to 2011R1.9 contain privilege escalation vulnerabilities in the scripts that install or update system crontab entries. Due to time-of-check/time-of-use race conditions and missing synchronization or final-path validation, a local low-privileged user could manipulate...
CVE-2011-10035 Nagios XI < 2011R1.9 Race Conditions in Crontab Install Scripts LPE
Nagios XI versions prior to 2011R1.9 contain privilege escalation vulnerabilities in the scripts that install or update system crontab entries. Due to time-of-check/time-of-use race conditions and missing synchronization or final-path validation, a local low-privileged user could manipulate...