CVE-2021-47757 Chikitsa Patient Management System 2.0.2 - 'plugin' Remote Code Execution (RCE) (Authenticated)

Chikitsa Patient Management System 2.0.2 contains an authenticated remote code execution vulnerability in the backup restoration functionality. Authenticated attackers can upload a modified backup zip file with a malicious PHP shell to execute arbitrary system commands on the server...

Exploit for CVE-2025-53547

CVE-2025-53547 POC this is a poc for CVE-2025-53547 Chart.l...

CVE-2024-39226

GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, and XE3000/X3000 v4.4 were discovered to contain a vulnerability can be exploited to manipulate routers b...

Shell Command Injection

imageprocessing is vulnerable to shell command injection. The apply function in chainable.rb does not properly check unsanitized user input operational commands, allowing an attacker to inject and execute malicious shell commands...

Abcbot — A New Evolving Wormable Botnet Malware Targeting Linux

Researchers from Qihoo 360's Netlab security team have released details of a new evolving botnet called "Abcbot" that has been observed in the wild with worm-like propagation features to infect Linux systems and launch distributed denial-of-service DDoS attacks against targets. While the earliest...

Latest Mirai Variant Targets SonicWall, D-Link and IoT Devices

A new variant of the Mirai botnet has been discovered targeting a slew of vulnerabilities in unpatched D-Link, Netgear and SonicWall devices — as well as never-before-seen flaws in unknown internet-of-things IoT gadgets. Since Feb. 16, the new variant has been targeting six known vulnerabilities ...

Hackers-For-Hire Group Develops New 'PowerPepper' In-Memory Malware

Cybersecurity researchers on Thursday disclosed details of a previously undiscovered in-memory Windows backdoor developed by a hacker-for-hire operation that can execute remotely malicious code and steal sensitive information from its targets in Asia, Europe, and the US. Dubbed "PowerPepper" by...

CVE-2020-15271

In lookatme python/pypi package versions prior to 2.3.0, the package automatically loaded the built-in "terminal" and "fileloader" extensions. Users that use lookatme to render untrusted markdown may have malicious shell commands automatically run on their system. This is fixed in version 2.3.0. ...

FreeBSD : snmptt -- malicious shell code (b8ea5b66-deff-11ea-adef-641c67a117d8)

Snmptt reports : Fixed a security issue with EXEC / PREXEC / unknowntrapexec that could allow malicious shell code to be executed. Fixed a bug with EXEC / PREXEC / unknowntrapexec that caused commands to be run as root instead of the user defined in daemonuid. C Tenable Network Security, Inc. The...

snmptt -- malicious shell code

Snmptt reports: Fixed a security issue with EXEC / PREXEC / unknowntrapexec that could allow malicious shell code to be executed. Fixed a bug with EXEC / PREXEC / unknowntrapexec that caused commands to be run as root instead of the user defined in daemonuid...

GPON ONT Home Gateway Router is vulnerable to authenticated remote command execution (CVE-2018-10562)

Binary data gponcve-2018-10562.nbin...

PHPPing 0.1 - Remote Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7030/info A vulnerability has been reported in PHPPing that may allow remote attackers to execute commands on vulnerable systems. The vulnerability exists in the index.php script file. Some variables are not properly...

Job2C 4.2 - profile Arbitrary File Upload

Job2C 4.2 - profile Arbitrary File Upload || || | || o,7 || . o7 || 4||| ow, : / / . |-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=| | | | /' \ /'\ /\ \ /'\ /\ \ | | /, \ /\/\L\ \ \ \ ,/\ /\ \ \ \ / | | //\ \ /' \ /\ //\ Kings of injection | | // | | |...