Kramer VIAware - Privilege Escalation and Remote Code Execution

Kramer VIAware, all tested versions, allow privilege escalation and remote code execution due to misconfigured sudo permissions. Attackers can execute arbitrary system commands remotely if the web interface is accessible, due to vulnerabilities in the handling of privileged operations through...

Ruby Dragonfly <1.4.0 - Remote Code Execution

Ruby Dragonfly before 1.4.0 contains an argument injection vulnerability that allows remote attackers to read and write to arbitrary files via a crafted URL when the verifyurl option is disabled. This may lead to code execution. The problem occurs because the generate and process features mishand...

ZZZCMS zzzphp 2.1.0 - Remote Code Execution

ZZZCMS zzzphp v2.1.0 is susceptible to a remote command execution vulnerability via dangerkey at zzztemplate.php. id: CVE-2022-23881 info: name: ZZZCMS zzzphp 2.1.0 - Remote Code Execution author: pikpikcu severity: critical description: ZZZCMS zzzphp v2.1.0 is susceptible to a remote command...

Nodejs Squirrelly - Remote Code Execution

Nodejs Squirrelly is susceptible to remote code execution. Squirrelly is a template engine implemented in JavaScript that works out of the box with ExpressJS. Squirrelly mixes pure template data with engine configuration options through the Express render API. By overwriting internal configuratio...

XStream <1.4.17 - Remote Code Execution

XStream before 1.4.17 is susceptible to remote code execution. An attacker can execute commands of the host by manipulating the processed input stream, thereby making it possible to obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of...

DocsGPT - Unauthenticated Remote Code Execution

A vulnerability, that could result in Remote Code Execution RCE, has been found in DocsGPT. Due to improper parsing of JSON data using eval an unauthorized attacker could send arbitrary Python code to be executed via /api/remote endpoint.This issue affects DocsGPT- from 0.8.1 through 0.12.0. id:...

FlowiseAI Flowise <= 2.2.6 - Arbitrary File Upload

FlowiseAI Flowise version 2.2.6 and below contains an arbitrary file upload vulnerability in the /api/v1/attachments endpoint. This vulnerability allows an unauthenticated attacker to upload files outside the intended directory through path traversal, potentially leading to API key exposure and...

Cacti v1.2.8 - Remote Code Execution

Cacti v1.2.8 is susceptible to remote code execution. This vulnerability could be exploited without authentication if "Guest Realtime Graphs" privileges are enabled. id: CVE-2020-8813 info: name: Cacti v1.2.8 - Remote Code Execution author: gy741 severity: high description: Cacti v1.2.8 is...

Github Enterprise Authenticated Remote Code Execution

An unsafe reflection vulnerability was identified in GitHub Enterprise Server that could lead to reflection injection. This vulnerability could lead to the execution of user-controlled methods and remote code execution. To exploit this bug, an actor would need to be logged into an account on the...

Moodle - Remote Code Execution

Attackers with the permission to create or modify questions in Moodle courses are able to craft malicious inputs for calculated questions, which can be abused to execute arbitrary commands on the underlying system. id: CVE-2024-43425 info: name: Moodle - Remote Code Execution author:...

Raisecom MSG1200, MSG2100E, MSG2200 and MSG2300 3.90 - Command Injection

A vulnerability, which was classified as critical, was found in Raisecom MSG1200, MSG2100E, MSG2200 and MSG2300 3.90. This affects an unknown part of the file listbaseconfig.php of the component Web Interface. The manipulation of the argument template leads to os command injection. It is possible...

Spring Data REST < 2.6.9 (Ingalls SR9) / 3.0.1 (Kay SR1) - PATCH Request Remote Code Execution

Spring Data REST 2.6.9 and 3.0.1, Spring Boot 1.5.9 and 2.0 M6 contain a remote code execution caused by processing malicious PATCH requests with crafted JSON data, letting attackers execute arbitrary Java code, exploit requires sending malicious PATCH requests. id: CVE-2017-8046 info: name: Spri...

Ncast busiFacade - Remote Command Execution

The Ncast Yingshi high-definition intelligent recording and playback system is a newly developed audio and video recording and playback system. The system has RCE vulnerabilities in versions 2017 and earlier. id: CVE-2024-0305 info: name: Ncast busiFacade - Remote Command Execution author: BMCel...

WP GDPR Compliance < 1.4.3 - Unauthenticated Call Any Action or Update Any Option

The WP GDPR Compliance plugin allows unauthenticated users to execute any action and update any database value. This vulnerability is due to the lack of proper validation in the Includes/Ajax.php file. id: CVE-2018-19207 info: name: WP GDPR Compliance 1.4.3 - Unauthenticated Call Any Action or...

Craft CMS < 3.3.0 - Server-Side Template Injection

Craft CMS before 3.3.0 is susceptible to server-side template injection via the SEOmatic component that could lead to remote code execution via malformed data submitted to the metacontainers controller. id: CVE-2020-9757 info: name: Craft CMS 3.3.0 - Server-Side Template Injection author:...

vBulletin replaceAdTemplate - Remote Code Execution

vBulletin versions 5.0.0 through 6.0.3 contain a Remote Code Execution RCE vulnerability in the ajax/api/ad/replaceAdTemplate endpoint. This flaw arises from improper use of PHP's Reflection API, allowing unauthenticated attackers to invoke protected controller methods. By injecting a crafted...

Monsta FTP <= 2.11.2 - Unauthenticated Remote Code Execution

Monsta FTP = 2.11 contains an unrestricted file upload vulnerability caused by lack of authentication on file uploads, letting unauthenticated attackers execute arbitrary code by uploading crafted files. id: CVE-2025-34299 info: name: Monsta FTP = 2.11.2 - Unauthenticated Remote Code Execution...

SDT-CW3B1 1.1.0 - OS Command Injection

Telesquare SDT-CW3B1 1.1.0 is affected by an OS command injection vulnerability that allows a remote attacker to execute OS commands without any authentication. id: CVE-2021-46422 info: name: SDT-CW3B1 1.1.0 - OS Command Injection author: badboycxcc,prajiteshsingh severity: critical description: ...

BillQuick Web Suite SQL Injection

BQE BillQuick Web Suite 2018 through 2021 before 22.0.9.1 allows SQL injection for unauthenticated remote code execution. Successful exploitation can include the ability to execute arbitrary code as MSSQLSERVER$ via xpcmdshell. id: CVE-2021-42258 info: name: BillQuick Web Suite SQL Injection...

The School Management < 9.9.7 - Remote Code Execution

The School Management plugin before version 9.9.7 contains an obfuscated backdoor injected in it's license checking code that registers a REST API handler, allowing an unauthenticated attacker to execute arbitrary PHP code on the site. id: CVE-2022-1609 info: name: The School Management 9.9.7 -...