CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

415 matches found

MovableType - Remote Command Injection

MovableType 5002 and earlier Movable Type Advanced 7 Series, Movable Type Advanced 6.8. 2 and earlier Movable Type Advanced 6 Series, Movable Type Premium 1.46 and earlier, and Movable Type Premium Advanced 1.46 and earlier allow remote attackers to execute arbitrary OS commands via unspecified...

9.8CVSS7.6AI score0.94187EPSS

Exploits11References5

Nuclei•added 15 hours ago•21 views

SEH utnserver Pro/ProMAX/INU-100 20.1.22 - File Exposure

A vulnerability was identified in utnserver Pro, utnserver ProMAX, and INU-100 version 20.1.22 and earlier, impacting the file handling functions. This flaw results in authenticated file disclosure, granting unauthorized access to sensitive files and directories. Although authentication is...

8.7CVSS5.8AI score0.23759EPSS

Exploits1References3

Nuclei•added 15 hours ago•33 views

OpenDreambox 2.0.0 - Remote Code Execution

OpenDreambox 2.0.0 is susceptible to remote code execution via the webadmin plugin. Remote attackers can execute arbitrary OS commands via shell metacharacters in the command parameter to the /script URI in enigma2-plugins/blob/master/webadmin/src/WebChilds/Script.py. id: CVE-2017-14135 info: nam...

10CVSS8.1AI score0.90088EPSS

Exploits1References5

NVD•added 5 days ago•10 views

CVE-2025-41272

Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers to execute arbitrary operating...

9.8CVSS0.00261EPSS

Exploits0References1

Nuclei•added 5 days ago•52 views

SEOWON INTECH SLC-130 & SLR-120S - Unauthenticated Remote Code Execution

SEOWON INTECH SLC-130 and SLR-120S devices allow remote code execution via the ipAddr parameter to the systemlog.cgi page. id: CVE-2020-17456 info: name: SEOWON INTECH SLC-130 & SLR-120S - Unauthenticated Remote Code Execution author: gy741,edoardottt severity: critical description: SEOWON INTECH...

9.8CVSS8AI score0.88911EPSS

Exploits8References5

Nuclei•added 5 days ago•69 views

EyesOfNetwork 5.1-5.3 - SQL Injection/Remote Code Execution

EyesOfNetwork 5.1 to 5.3 contains SQL injection and remote code execution vulnerabilities. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site. See also CVE-2020-8655,...

9.8CVSS7.8AI score0.91906EPSS

Exploits13References5

Nuclei•added 5 days ago•24 views

Altenergy Power Control Software C1.2.5 - Remote Command Injection

Altenergy Power Control Software C1.2.5 is susceptible to remote command injection via shell metacharacters in the index.php/management/settimezone parameter, because of settimezone in models/managementmodel.php. An attacker can potentially obtain sensitive information, modify data, and/or execut...

9.8CVSS7.4AI score0.93791EPSS

Exploits5References5

RedhatCVE•added 2026/01/09 8:49 a.m.•5 views

CVE-2021-22795

A CWE-78 Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability exists that could cause remote code execution when performed over the network. Affected Product: StruxureWare Data Center Expert V7.8.1 and prior...

9.8CVSS7.7AI score0.03191EPSS

Exploits0References1