54816 matches found
CVE-2024-44598
FNT Command 13.4.0 is vulnerable to Code Execution via the C Base Module...
CVE-2024-44598
FNT Command 13.4.0 is vulnerable to Code Execution via the C Base Module...
PT-2025-51336
Name of the Vulnerable Software and Affected Versions CTCMS Content Management System versions up to 2.1.2 Description A weakness exists in CTCMS Content Management System up to version 2.1.2. This issue affects an unknown function within the /ctcms/apps/libraries/CT Parser.php library of the...
CVE-2024-44598
CVE-2024-44598 concerns FNT Command 13.4.0, which is reported as vulnerable to code execution via the C Base Module . The available sources consistently describe a code execution flaw in this module, but do not provide explicit technical details about the vulnerable component, affected versions b...
PT-2025-51247
FNT Command 13.4.0 is vulnerable to Code Execution via the C Base Module...
Rockwell Automation 432ES-IG3 Series A Denial of Service Vulnerability
The Rockwell Automation 432ES-IG3 Series A is a safety I/O module from Rockwell Automation. A denial of service vulnerability exists in the Rockwell Automation 432ES-IG3 Series A, which can be exploited by an attacker to cause a denial of service...
CVE-2024-44598
FNT Command 13.4.0 is vulnerable to Code Execution via the C Base Module...
PT-2025-51319
Name of the Vulnerable Software and Affected Versions CTCMS Content Management System versions up to 2.1.2 Description A code injection issue exists in CTCMS Content Management System. The issue is located in the Save function within the /ctcms/libs/Ct App.php file of the Backend App Configuratio...
PT-2025-51261
Name of the Vulnerable Software and Affected Versions Frappe ERPNext versions through 15.89.0 Description A SQL injection issue exists in Frappe ERPNext. The get outstanding reference documents function within the erpnext/accounts/doctype/payment entry/payment entry.py file is susceptible to...
FNT Command 安全漏洞
FNT Command is a data center infrastructure management platform from FNT Germany. A security vulnerability exists in FNT Command version 13.4.0, which stems from a code execution vulnerability in the C Base Module...
CVE-2024-44598
FNT Command 13.4.0 is vulnerable to Code Execution via the C Base Module...
CVE-2024-58305
WonderCMS 4.3.2 contains a cross-site scripting vulnerability that allows attackers to inject malicious JavaScript through the module installation endpoint. Attackers can craft a specially designed XSS payload to install a reverse shell module and execute remote commands by tricking an...
EUVD-2025-203253
ShineLan-X contains a stored cross site scripting XSS vulnerability in the local configuration web server. The JavaScript code snippet can be inserted in the communication module’s settings center. This may allow attackers to force a legitimate user’s browser’s JavaScript engine to run malicious...
EUVD-2025-203224
The Extensive VC Addons for WPBakery page builder plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.9.1 via the extensivevcgetmoduletemplatepart function. This is due to insufficient path normalization and validation of the user-supplied...
CVE-2025-36748
ShineLan-X contains a stored cross site scripting XSS vulnerability in the local configuration web server. The JavaScript code snippet can be inserted in the communication module’s settings center. This may allow attackers to force a legitimate user’s browser’s JavaScript engine to run malicious...
Arbitrary File Write
fontTools is vulnerable to an arbitrary file write. The vulnerability is due to improper handling of malicious .designspace files in the fontTools.varLib module, which allows an attacker to achieve remote code execution by writing arbitrary files when processed...
Exploit for CVE-2025-66947
CVE-2025-66947 SQL Injection in krishanmuraiji SMS v1.0 CVE-2...
Path Traversal
cn.dreampie:resty is vulnerable to Path Traversal. The vulnerability is due to improper validation of the filename parameter in the HttpClient module, which allows an attacker to manipulate file paths and access unauthorized files on the system...
Server-Side Template Injection (SSTI)
net.mingsoft, ms-mcms is vulnerable to Server-Side Template Injection SSTI. The vulnerability is due to improper handling of user-supplied input in the Template Management module, which allows an attacker to inject and execute arbitrary template code on the server...
Arbitrary File Upload
ms-mcms is vulnerable to Arbitrary File Upload. The vulnerability is due to insufficient validation of uploaded ZIP files in the New Template module, allowing attackers to upload crafted files that can be executed on the server, leading to arbitrary code execution...