Apache Log4j2 Remote Code Injection

Apache Log4j2 =2.14.1 JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when...

Microsoft Exchange Server SSRF Vulnerability

This vulnerability is part of an attack chain that could allow remote code execution on Microsoft Exchange Server. The initial attack requires the ability to make an untrusted connection to Exchange server port 443. Other portions of the chain can be triggered if an attacker already has access or...

Apache Struts2 S2-062 - Remote Code Execution

Apache Struts2 S2-062 is vulnerable to remote code execution. The fix issued for CVE-2020-17530 S2-061 was incomplete, meaning some of the tag's attributes could still perform a double evaluation if a developer applied forced OGNL evaluation by using the %... syntax. id: CVE-2021-31805 info: name...

Cobbler <3.3.0 - Remote Code Execution

Cobbler before 3.3.0 allows log poisoning and resultant remote code execution via an XMLRPC method. id: CVE-2021-40323 info: name: Cobbler 3.3.0 - Remote Code Execution author: c-sh0 severity: critical description: Cobbler before 3.3.0 allows log poisoning and resultant remote code execution via ...

Zoho ManageEngine ServiceDesk Plus - Remote Code Execution

Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and SupportCenter Plus before 11014 are vulnerable to unauthenticated remote code execution. id: CVE-2021-44077 info: name: Zoho ManageEngine ServiceDesk Plus - Remote Code Execution author: Adam Crosser,gy741...

Apache 2.4.49/2.4.50 - Path Traversal and Remote Code Execution

A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49 and 2.4.50. An attacker could use a path traversal attack to map URLs to files outside the expected document root. If files outside of the document root are not protected by "require all denied" these requests ca...

SonicWall SMA100 Stack - Buffer Overflow/Remote Code Execution

A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's modcgi module environment variables allows a remote unauthenticated attacker to potentially execute code as a 'nobody' user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances firmware...

PHP CGI v5.3.12/5.4.2 Remote Code Execution

sapi/cgi/cgimain.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script aka php-cgi, does not properly handle query strings that lack an = equals sign character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string,...

Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager - Remote Code Execution

Cisco Prime Infrastructure PI and Cisco Evolved Programmable Network EPN Manager could allow an authenticated, remote attacker to execute code with root-level privileges on the underlying operating system. This vulnerability exist because the software improperly validates user-supplied input. An...

Apache Struts <=2.5.20 - Remote Code Execution

Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation when evaluated on raw user input in tag attributes, which may lead to remote code execution. id: CVE-2019-0230 info: name: Apache Struts =2.5.20 - Remote Code Execution author: geeknik severity: critical description: Apache Struts 2.0.0 ...

D-Link Routers - Remote Code Execution

D-Link products such as DIR-655C, DIR-866L, DIR-652, and DHP-1565 contain an unauthenticated remote code execution vulnerability. The issue occurs when the attacker sends an arbitrary input to a "PingTest" device common gateway interface that could lead to common injection. An attacker who...

Webmin <= 1.920 - Unauthenticated Remote Command Execution

Webmin =1.920. is vulnerable to an unauthenticated remote command execution via the parameter 'old' in passwordchange.cgi. id: CVE-2019-15107 info: name: Webmin = 1.920 - Unauthenticated Remote Command Execution author: bp0lr severity: critical description: Webmin =1.920. is vulnerable to an...

VMware View Planner <4.6 SP1- Remote Code Execution

VMware View Planner 4.x prior to 4.6 Security Patch 1 contains a remote code execution vulnerability due to improper input validation and lack of authorization leading to arbitrary file upload in logupload web application. An unauthorized attacker with network access to View Planner Harness could...

Apache 2.4.49 - Path Traversal and Remote Code Execution

A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the expected document root. If files outside of the document root are not protected by "require all denied" these requests can succeed...

Hitachi Pentaho Business Analytics Server - Remote Code Execution

Hitachi Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x, is susceptible to remote code execution via server-side template injection. Certain web services can set property values which contain Spring templates that are interpreted downstream, thereby...

PhpMyAdmin <4.8.2 - Local File Inclusion

PhpMyAdmin before version 4.8.2 is susceptible to local file inclusion that allows an attacker to include view and potentially execute files on the server. The vulnerability comes from a portion of code where pages are redirected and loaded within phpMyAdmin, and an improper test for whitelisted...

nostromo 1.9.6 - Remote Code Execution

nostromo nhttpd through 1.9.6 allows an attacker to achieve remote code execution via directory traversal in the function httpverify. id: CVE-2019-16278 info: name: nostromo 1.9.6 - Remote Code Execution author: pikpikcu severity: critical description: nostromo nhttpd through 1.9.6 allows an...

Atlassian Confluence Server - Path Traversal

The Widget Connector macro in Atlassian Confluence Server before version 6.6.12 the fixed version for 6.6.x, from version 6.7.0 before 6.12.3 the fixed version for 6.12.x, from version 6.13.0 before 6.13.3 the fixed version for 6.13.x, and from version 6.14.0 before 6.14.2 the fixed version for...

ManageEngine - Remote Command Execution

Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow remote code execution due to use of Apache xmlsec aka XML Security for Java 1.4.1, because the xmlsec XSLT features, by design in that version, make the application responsible for certain security...

Atlassian Bitbucket - Remote Command Injection

Atlassian Bitbucket Server and Data Center is susceptible to remote command injection. Multiple API endpoints can allow an attacker with read permissions to a public or private Bitbucket repository to execute arbitrary code by sending a malicious HTTP request, thus making it possible to obtain...