11228 matches found

Nuclei
added 2 days ago | 59 views

Apache Struts2 S2-012 RCE

Apache Struts Showcase App 2.0.0 through 2.3.13, as used in Struts 2 before 2.3.14.3, allows remote attackers to execute arbitrary OGNL code via a crafted parameter name that is not properly handled when invoking a redirect. id: CVE-2013-1965 info: name: Apache Struts2 S2-012 RCE author: pikpikcu...

9.3 CVSS | 8.2 AI score | 0.91789 EPSS
Exploits: 1 | References: 5

GithubExploit
added 3 days ago | 36 views

Exploit for CVE-2024-21182

CVE-2024-21182 - Oracle WebLogic Server JNDI Injection → RCE C...

7.5 CVSS | 7.5 AI score | 0.89742 EPSS
Exploits: 3

Nuclei
added 3 days ago | 359 views

elFinder 2.1.58 - Remote Code Execution

elFinder 2.1.58 is impacted by multiple remote code execution vulnerabilities that could allow an attacker to execute arbitrary code and commands on the server hosting the elFinder PHP connector, even with minimal configuration. id: CVE-2021-32682 info: name: elFinder 2.1.58 - Remote Code Executi...

9.8 CVSS | 8.9 AI score | 0.92768 EPSS
Exploits: 5 | References: 5

Nuclei
added 3 days ago | 55 views

Atlassian Confluence Download Attachments - Remote Code Execution

Confluence Server and Data Center had a path traversal vulnerability in the downloadallattachments resource. A remote attacker who has permission to add attachments to pages and / or blogs or to create a new space or a personal space or who has 'Admin' permissions for a space can exploit this pat...

9 CVSS | 8.5 AI score | 0.93854 EPSS
Exploits: 10 | References: 5

Nuclei
added 3 days ago | 134 views

Oracle WebLogic Server Administration Console - Remote Code Execution

The Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: Web Services versions 0.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0 contain an easily exploitable vulnerability that allows unauthenticated attackers with network access via HTTP to compromise Oracle WebLogic Server. id:...

9.8 CVSS | 8.1 AI score | 0.94361 EPSS
Exploits: 11 | References: 5

Nuclei
added 3 days ago | 46 views

Mlflow - Arbitrary File Write

An attacker can overwrite any file on the server hosting MLflow without any authentication. id: CVE-2023-6018 info: name: Mlflow - Arbitrary File Write author: byt3bl33d3r severity: critical description: | An attacker can overwrite any file on the server hosting MLflow without any authentication...

10 CVSS | 7.8 AI score | 0.91273 EPSS
Exploits: 1 | References: 2

Nuclei
added 3 days ago | 116 views

Mongo-Express - Remote Code Execution

Mongo-Express before 1.0.0 is susceptible to remote code execution because it uses safer-eval to validate user supplied javascript. Unfortunately safer-eval sandboxing capabilities are easily bypassed leading to remote code execution in the context of the node server. id: CVE-2020-24391 info: nam...

9.8 CVSS | 8.5 AI score | 0.92863 EPSS
Exploits: 0 | References: 5

Nuclei
added 3 days ago | 282 views

Ncast busiFacade - Remote Command Execution

The Ncast Yingshi high-definition intelligent recording and playback system is a newly developed audio and video recording and playback system. The system has RCE vulnerabilities in versions 2017 and earlier. id: CVE-2024-0305 info: name: Ncast busiFacade - Remote Command Execution author: BMCel...

7.5 CVSS | 6.6 AI score | 0.93119 EPSS
Exploits: 2 | References: 5

Nuclei
added 3 days ago | 64 views

D-Link NAS - Command Injection via Name Parameter

A vulnerability was found in D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. It has been declared as critical. Affected by this vulnerability is the function cgiuseradd of the file /cgi-bin/accountmgr.cgi?cmd=cgiuseradd. The manipulation of the argument name leads to os command...

9.8 CVSS | 7.4 AI score | 0.93611 EPSS
Exploits: 11 | References: 3

Nuclei
added 3 days ago | 38 views

SPIP Porte Plume Plugin - Remote Code Execution

The porteplume plugin used by SPIP before 4.30-alpha2, 4.2.13, and 4.1.16 is vulnerable to an arbitrary code execution vulnerability. A remote and unauthenticated attacker can execute arbitrary PHP as the SPIP user by sending a crafted HTTP request. id: CVE-2024-7954 info: name: SPIP Porte Plume...

9.8 CVSS | 8.6 AI score | 0.92991 EPSS
Exploits: 10 | References: 5

Nuclei
added 3 days ago | 43 views

RealTek Jungle SDK - Arbitrary Command Injection

There is a command injection vulnerability on the "formWsc" page of the management interface. Successful exploitation of this vulnerability could lead to remote code execution and compromise of the affected system. id: CVE-2021-35395 info: name: RealTek Jungle SDK - Arbitrary Command Injection...

10 CVSS | 8.4 AI score | 0.93663 EPSS
Exploits: 2 | References: 5

Nuclei
added 3 days ago | 101 views

Satellian Intellian Aptus Web <= 1.24 - Remote Command Execution

Intellian Aptus Web 1.24 allows remote attackers to execute arbitrary OS commands via the Q field within JSON data to the cgi-bin/libagent.cgi URI. NOTE: a valid sid cookie for a login to the intellian default account might be needed. id: CVE-2020-7980 info: name: Satellian Intellian Aptus Web...

10 CVSS | 8.2 AI score | 0.93259 EPSS
Exploits: 7 | References: 5

Nuclei
added 3 days ago | 34 views

Mida eFramework <=2.9.0 - Remote Command Execution

Mida eFramework through 2.9.0 allows an attacker to achieve remote code execution with administrative root privileges. No authentication is required. id: CVE-2020-15920 info: name: Mida eFramework =2.9.0 - Remote Command Execution author: dwisiswant0 severity: critical description: Mida eFramewor...

10 CVSS | 8.5 AI score | 0.93565 EPSS
Exploits: 6 | References: 4

Nuclei
added 3 days ago | 48 views

RaspAP 2.8.7 - Unauthenticated Command Injection

A Command injection vulnerability in RaspAP 2.8.0 thru 2.8.7 allows unauthenticated attackers to execute arbitrary commands via the cfgid parameter in /ajax/openvpn/activateovpncfg.php and /ajax/openvpn/delovpncfg.php. id: CVE-2022-39986 info: name: RaspAP 2.8.7 - Unauthenticated Command Injectio...

9.8 CVSS | 8.2 AI score | 0.93057 EPSS
Exploits: 3 | References: 5

Nuclei
added 3 days ago | 80 views

Exchange Server - Remote Code Execution

Microsoft Exchange Server is vulnerable to a remote code execution vulnerability. This CVE ID is unique from CVE-2021-31196, CVE-2021-31206. id: CVE-2021-34473 info: name: Exchange Server - Remote Code Execution author: arcc,intx0x80,dwisiswant0,r3dg33k severity: critical description: | Microsoft...

10 CVSS | 8.2 AI score | 0.94312 EPSS
Exploits: 78 | References: 5

Nuclei
added 3 days ago | 24 views

Ruby Dragonfly <1.4.0 - Remote Code Execution

Ruby Dragonfly before 1.4.0 contains an argument injection vulnerability that allows remote attackers to read and write to arbitrary files via a crafted URL when the verifyurl option is disabled. This may lead to code execution. The problem occurs because the generate and process features mishand...

9.8 CVSS | 8.1 AI score | 0.93359 EPSS
Exploits: 4 | References: 5

Nuclei
added 3 days ago | 61 views

Viessmann Vitogate 300 - Remote Code Execution

In Vitogate 300 2.1.3.0, /cgi-bin/vitogate.cgi allows an unauthenticated attacker to bypass authentication and execute arbitrary commands via shell metacharacters in the ipaddr params JSON data for the put method. id: CVE-2023-45852 info: name: Viessmann Vitogate 300 - Remote Code Execution autho...

9.8 CVSS | 7.3 AI score | 0.93587 EPSS
Exploits: 1 | References: 5

Nuclei
added 3 days ago | 57 views

Ivanti Avalanche - Remote Code Execution

An unauthenticated attacker could achieve the code execution through a RemoteControl server. id: CVE-2023-32563 info: name: Ivanti Avalanche - Remote Code Execution author: princechaddha severity: critical description: An unauthenticated attacker could achieve the code execution through a...

9.8 CVSS | 8.1 AI score | 0.93007 EPSS
Exploits: 0 | References: 4

Nuclei
added 3 days ago | 55 views

Metabase < 0.46.6.1 - Remote Code Execution

Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server, at the server's privilege level. Authentication is not required for exploitation. The other fixed versions are 0.45.4.1, 1.45.4.1, 0.44.7.1, 1.44.7.1, 0.43.7.2...

9.8 CVSS | 8.4 AI score | 0.94255 EPSS
Exploits: 36 | References: 6

Nuclei
added 3 days ago | 41 views

AVTECH IP Camera - Command Injection

The endpoint /cgi-bin/supervisor/Factory.cgi is vulnerable to command injection via the action parameter, allowing remote code execution. id: CVE-2024-7029 info: name: AVTECH IP Camera - Command Injection author: DhiyaneshDK severity: high description: | The endpoint /cgi-bin/supervisor/Factory.c...

9.8 CVSS | 8.4 AI score | 0.92967 EPSS
Exploits: 5 | References: 6