TerraMaster TOS - Unauthenticated Remote Command Execution

TerraMaster TOS = 4.2.06 is susceptible to a remote code execution vulnerability which could allow remote unauthenticated attackers to inject OS commands via /include/makecvs.php via the Event parameter. id: CVE-2020-28188 info: name: TerraMaster TOS - Unauthenticated Remote Command Execution...

PT-2026-49603

A stack-based buffer overflow vulnerability in the CGI program of Zyxel GS1900-48HPv2 firmware versions through 2.90ABTQ.1C0 could allow a LAN-based, unauthenticated attacker to exploit the flaw and potentially execute OS commands via a crafted HTTP request...

CVE-2026-0419 Insufficient input validation vulnerability in NETGEAR JR6150

Insufficient input validation in NETGEAR JR6150 AC750 WiFi Router 802.11ac Dual Band Gigabit released in 2014 allows users connected to the local WiFi Networks to execute operating system commands. NETGEAR JR6150 has reached End-of-Support phase as of 2018 , and no further security updates are...

GHSA-HRJ8-HJV8-MGWC Anyquery: AppleScript/JXA Code Injection via Unescaped URL in macOS Chrome Plugin

AppleScript/JXA Code Injection via Unescaped URL in macOS Chrome Plugin | Field | Value | | ---------------- | ----- | | Repository | julien040/anyquery | | Affected version | 0.4.4 commit 0abd460 | | Vulnerability | CWE-94 — Improper Control of Generation of Code | | Severity | High | Summary Th...

PT-2026-45879

Name of the Vulnerable Software and Affected Versions alf.io versions prior to 2.0-M5-2606 Description An authenticated administrator can execute arbitrary operating system commands on the server due to a sandbox escape in the extension script engine. The system is designed to run restricted...

Apache ActiveMQ RCE via Jolokia addNetworkConnector

Apache ActiveMQ exposes a Jolokia JMX-over-HTTP API at /api/jolokia/. An authenticated attacker can invoke the addNetworkConnector MBean operation with a crafted URI that causes the broker to fetch a remote Spring XML configuration over HTTP. The Spring XML instantiates a ProcessBuilder bean that...

CVE-2026-45663

Dokploy is a free, self-hostable Platform as a Service PaaS. In 0.29.1 and earlier, a command injection vulnerability exists in the Docker file upload functionality. When an authenticated user uploads a file to a container, the destinationPath parameter is not properly sanitized and is directly...

CVE-2026-44962

Plesk contains an XPath injection vulnerability in the APS Application Catalog search functionality, where user-supplied input is interpolated into XPath queries without proper sanitization. This allows an authenticated, low-privileged user to execute arbitrary operating system commands on the...

CVE-2026-44962

Plesk contains an XPath injection vulnerability in the APS Application Catalog search functionality, where user-supplied input is interpolated into XPath queries without proper sanitization. This allows an authenticated, low-privileged user to execute arbitrary operating system commands on the...

CVE-2026-8450

CVE-2026-8450 affects HTTP::Daemon before 6.17 (Perl). The vulnerability allows OS command execution via the send_file() function, which opens its string argument with Perl’s 2-arg open(). The 2-arg form supports magic prefixes: “| cmd” and “cmd |” to pipe to a subprocess, and “> path”/“>&g...

Astra Linux - уязвимость в node-ejs

The ejs also known as Embedded JavaScript templates package version 3.1.6 for Node.js enables server-side template injection in settings view optionsoutputFunctionName. This is parsed as an internal option, and the outputFunctionName option is overwritten with an arbitrary OS command which is...

Eclipse Glassfish 代码注入漏洞

Eclipse Glassfish is an application server developed by the Eclipse Foundation. Eclipse Glassfish has a code injection vulnerability. This vulnerability stems from allowing users with panel access rights to send custom requests, thereby enabling them to execute arbitrary operating system commands...

PT-2026-41932

Name of the Vulnerable Software and Affected Versions GlassFish affected versions not specified Description An authenticated Remote Code Execution RCE issue exists in the Administration Console. A user with access to the panel can send crafted requests to execute arbitrary operating system comman...

EUVD-2026-30508

Improper input validation in Delphix Continuous Data connectors allows an authenticated user to execute arbitrary operating system commands on the staging or target host...

EUVD-2026-29879

A Remote Code Execution vulnerability in Claris FileMaker Cloud allowed a user with Admin Console privileges to inject arbitrary operating system commands through unsanitized input in the External ODBC Data Source connection test feature. This issue is fixed in FileMaker Cloud 2.22.0.5...

CVE-2026-44864

SQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with administrative privileges could exploit these vulnerabilities by injecting crafted input into...

CVE-2026-44860

SQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with administrative privileges could exploit these vulnerabilities by injecting crafted input into...

CVE-2026-23821 Inconsistent input filtering allows Authenticated Command Injection in AOS-10 CLI

A vulnerability in the configuration processing logic of Access Points running AOS-10 could allow an authenticated remote attacker to execute system commands under certain pre-existing conditions. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying...

CVE-2026-7815

SQL injection vulnerability in pgAdmin 4 Maintenance Tool. Four user-supplied JSON fields bufferusagelimit, vacuumparallel, vacuumindexcleanup, reindextablespace were concatenated directly into the rendered VACUUM/ANALYZE/REINDEX command and passed to psql --command. An authenticated user with th...

CVE-2025-67888

An issue was discovered in Control Web Panel CWP before 0.9.8.1209. User input passed via the "key" GET parameter to /admin/index.php when the "api" parameter is set is not properly sanitized before being used to execute OS commands. This can be exploited by unauthenticated attackers to inject an...