551 matches found
CVE-2025-3485
Allegra extractFileFromZip Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Authentication is required to exploit this vulnerability. The specific flaw exists within the implementati...
CVE-2025-20276 Cisco Unified Contact Center Express Remote Code Execution Vulnerability
A vulnerability in the web-based management interface of Cisco Unified CCX could allow an authenticated, remote attacker to execute arbitrary code on an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to insecure...
CVE-2024-52800
veraPDF is an open source PDF/A validation library. Executing policy checks using custom schematron files via the CLI invokes an XSL transformation that may theoretically lead to a remote code execution RCE vulnerability. This doesn't affect the standard validation and policy checks functionality...
CVE-2024-41361
RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution RCE vulnerability via htdocs\manageFilesFolders.php...
CVE-2024-40518
SeaCMS 12.9 has a remote code execution vulnerability. The vulnerability is caused by adminweixin.php directly splicing and writing the user input data into weixin.php without processing it, which allows authenticated attackers to exploit the vulnerability to execute arbitrary commands and obtain...
CVE-2024-25293
mjml-app versions 3.0.4 and 3.1.0-beta were discovered to contain a remote code execution RCE via the href attribute...
CVE-2024-22891
Nteract v.0.28.0 was discovered to contain a remote code execution RCE vulnerability via the Markdown link...
CVE-2024-42599
SeaCMS 13.0 has a remote code execution vulnerability. The reason for this vulnerability is that although adminfiles.php imposes restrictions on edited files, attackers can still bypass these restrictions and write code, allowing authenticated attackers to exploit the vulnerability to execute...
CVE-2024-33442
An issue in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via the addpost.php component...
CVE-2024-43202
Exposure of Remote Code Execution in Apache Dolphinscheduler. This issue affects Apache DolphinScheduler: before 3.2.2. We recommend users to upgrade Apache DolphinScheduler to version 3.2.2, which fixes the issue...
CVE-2023-31587
Tenda AC5 router V15.03.06.28 was discovered to contain a remote code execution RCE vulnerability via the Mac parameter at ip/goform/WriteFacMac...
CVE-2022-2323
Improper neutralization of special elements used in a user input allows an authenticated malicious user to perform remote code execution in the host system. This vulnerability impacts SonicWall Switch 1.1.1.0-2s and earlier versions...
CVE-2022-48116
AyaCMS v3.1.2 was discovered to contain a remote code execution RCE vulnerability via the component /admin/tpledit.inc.php...
CVE-2022-48093
Seacms v12.7 was discovered to contain a remote code execution RCE vulnerability via the ip parameter at admin ip.php...
CVE-2022-44262
ff4j 1.8.1 is vulnerable to Remote Code Execution RCE...
CVE-2022-44089
ESPCMS P8.21120101 was discovered to contain a remote code execution RCE vulnerability in the component ISGETCACHE...
CVE-2022-34120
Barangay Management System v1.0 was discovered to contain a remote code execution RCE vulnerability via the module editing function at /pages/activity/activity.php...
CVE-2022-34531
DedeCMS v5.7.95 was discovered to contain a remote code execution RCE vulnerability via the component mytag main.php...
CVE-2022-32417
PbootCMS v3.1.2 was discovered to contain a remote code execution RCE vulnerability via the function parserIfLabel at function.php...
CVE-2022-31849
MERCURY MIPC451-4 1.0.22 Build 220105 Rel.55642n was discovered to contain a remote code execution RCE vulnerability which is exploitable via a crafted POST request...