CVE-2026-8500

Web::Passwd versions through 0.03 for Perl is vulnerable to RCE. Web::Passwd is a small CGI application for managing htpasswd files using the htpasswd command. The user parameter is not validated or escaped, and is used as the last argument on the command line, allowing for command injection...

CVE-2026-8500

Web::Passwd versions through 0.03 for Perl is vulnerable to RCE. Web::Passwd is a small CGI application for managing htpasswd files using the htpasswd command. The user parameter is not validated or escaped, and is used as the last argument on the command line, allowing for command injection...

CVE-2026-8500

Web::Passwd (Perl)

CVE-2026-8500 Web::Passwd versions through 0.03 for Perl is vulnerable to RCE

Web::Passwd versions through 0.03 for Perl is vulnerable to RCE. Web::Passwd is a small CGI application for managing htpasswd files using the htpasswd command. The user parameter is not validated or escaped, and is used as the last argument on the command line, allowing for command injection...

PT-2026-40831

Name of the Vulnerable Software and Affected Versions Web::Passwd version 0.03 Description Web::Passwd, a small CGI application for managing htpasswd files via the htpasswd command, allows remote code execution. The user parameter is not validated or escaped before being used as the final argumen...

EUVD-2026-24674

The HTTP Headers plugin for WordPress is vulnerable to External Control of File Name or Path leading to Remote Code Execution in all versions up to and including 1.19.2. This is due to insufficient validation of the file path stored in the 'hhhtpasswdpath' option and lack of sanitization on the...

CVE-2026-4132

The HTTP Headers plugin for WordPress is vulnerable to External Control of File Name or Path leading to Remote Code Execution in all versions up to and including 1.19.2. This is due to insufficient validation of the file path stored in the 'hhhtpasswdpath' option and lack of sanitization on the...

CVE-2026-4132 HTTP Headers <= 1.19.2 - Authenticated (Administrator+) External Control of File Name or Path to RCE via 'hh_htpasswd_path' and 'hh_www_authenticate_user' Parameters

The HTTP Headers plugin for WordPress is vulnerable to External Control of File Name or Path leading to Remote Code Execution in all versions up to and including 1.19.2. This is due to insufficient validation of the file path stored in the 'hhhtpasswdpath' option and lack of sanitization on the...

CVE-2026-4132

CVE-2026-4132 affects the WordPress HTTP Headers plugin up to version 1.19.2. The vulnerability arises from insufficient validation of the htpasswd path (hh_htpasswd_path) and lack of sanitization of the hh_www_authenticate_user value, allowing an authenticated Administrator+ to cause Remote Code...

CVE-2026-4132

The HTTP Headers plugin for WordPress is vulnerable to External Control of File Name or Path leading to Remote Code Execution in all versions up to and including 1.19.2. This is due to insufficient validation of the file path stored in the 'hhhtpasswdpath' option and lack of sanitization on the...

EUVD-2017-8821

Malware in sbrugna...

EUVD-2002-0908

Malware in sbrugna...

EUVD-2017-0110

Malware in sbrugna...

EUVD-2014-4914

Malware in sbrugna...

EUVD-2006-1082

Malware in sbrugna...

EUVD-2013-7260

Malware in sbrugna...

EUVD-2006-1083

Malware in sbrugna...

EUVD-2023-29043

Malicious code in bioql PyPI...

EUVD-2022-5314

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2017-17663

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The htpasswd implementation of minihttpd before v1.28 and of thttpd before v2.28 is affected by a buffer overflow that can be exploited remotely to perform code...