43 matches found
CVE-2023-52031
TOTOlink A3700R v9.1.2u.5822B20200513 was discovered to contain a remote command execution RCE vulnerability via the UploadFirmwareFile function...
CVE-2023-52029
TOTOLINK A3700R (v9.1.2u.5822_B20200513) contains a remote command execution (RCE) in the setDiagnosisCfg function. The issue arises from improper handling/filtering of constructed command characters, enabling arbitrary command execution. Affected component: setDiagnosisCfg; impact: remote comman...
CVE-2023-50651
TOTOLINK X6000R v9.4.0cu.852B20230719 was discovered to contain a remote command execution RCE vulnerability via the component /cgi-bin/cstecgi.cgi...
CVE-2023-37754
PowerJob v4.3.3 was discovered to contain a remote command execution RCE vulnerability via the instanceId parameter at /instance/detail...
CVE-2022-45875 Apache DolphinScheduler: Remote command execution Vulnerability in script alert plugin
Improper validation of script alert plugin parameters in Apache DolphinScheduler to avoid remote command execution vulnerability. This issue affects Apache DolphinScheduler version 3.0.1 and prior versions; version 3.1.0 and prior versions. This attack can be performed only by authenticated users...
CVE-2022-23881
ZZZCMS zzzphp v2.1.0 was discovered to contain a remote command execution RCE vulnerability via dangerkey at zzztemplate.php...
CVE-2022-26265
Contao Managed Edition v1.5.0 was discovered to contain a remote command execution RCE vulnerability via the component phpcli parameter...
CVE-2022-24711 Remote CLI Command Execution Vulnerability in CodeIgniter4
CodeIgniter4 is the 4.x branch of CodeIgniter, a PHP full-stack web framework. Prior to version 4.1.9, an improper input validation vulnerability allows attackers to execute CLI routes via HTTP request. Version 4.1.9 contains a patch. There are currently no known workarounds for this vulnerabilit...
CVE-2021-28134
Clipper before 1.0.5 allows remote command execution. A remote attacker may send a crafted IPC message to the exposed vulnerable ipcRenderer IPC interface, which invokes the dangerous openExternal API...
Cisco RV110W/RV130/RV130W/RV215W Remote Command Execution and Denial of Service Vulnerability (CNVD-2021-41175)
The Cisco RV110W is a Wireless-N VPN firewall, the Cisco RV130 is a multifunction VPN router, the Cisco RV130W is a Wireless-N multifunction VPN router, and the Cisco RV215W is a Wireless-N VPN router. A remote command execution and denial of service vulnerability exists in the Web management...
CVE-2017-12581
GitHub Electron before 1.6.8 allows remote command execution because of a nodeIntegration bypass vulnerability. This also affects all applications that bundle Electron code equivalent to 1.6.8 or earlier. Bypassing the Same Origin Policy SOP is a precondition; however, recent Electron versions do...
Vulnerability alert: well-known Forum system vBulletin commonly used SEO plugin VBSEO there is a serious security vulnerability-vulnerability warning-the black bar safety net
vBulletin team recently to all their customers warning of its plug-in VBSEO there was a serious security vulnerability. VBSEO for vBulletin and very popular third party seo modules, worst of VBSEO official already in the last year to stop updating this plug-in, that no one can exploit to provide...
innoEDIT 'innoedit.cgi'远程命令执行漏洞
Bugtraq ID:66367 innoEDIT是一款基于WEB的应用。 innoEDIT 'innoedit.cgi'不正确处理提交给'download'参数的数据,允许远程攻击者利用漏洞提交特殊shell元字符,可以WEB权限执行任意命令。 0 innoEDIT 6.2 目前没有详细解决方案提供: http://www.inno.com.mx/innoedit.htm http://www.mtyjet.com/innoedit/innoedit.cgi?download=;id|...
Cross site request forgery (csrf)
ajax.cgi in the web interface on the Choice Wireless Green Packet WIXFMR-111 4G WiMax modem allows remote attackers to execute arbitrary commands via shell metacharacters in the pip parameter in an Ajax tagipPing request, a different vulnerability than CVE-2013-3581...
fileutils Gem for Ruby file_utils.rb Crafted URL Handling Remote Command Execution
fileutils Gem for Ruby contains a flaw in fileutils.rb. The issue is triggered when handling a specially crafted URL containing a command after a delimiter ;. This may allow a remote attacker to potentially execute arbitrary commands...
OpenOffice EMF File Parser Remote Command Execution Vulnerability (Windows)
The host has OpenOffice installed and is prone to Remote Command Execution Vulnerability OpenVAS Vulnerability Test $Id: secpodopenofficeemffileparservulnwin.nasl 5122 2017-01-27 12:16:00Z teissa $ OpenOffice EMF File Parser Remote Command Execution Vulnerability Windows Authors: Antu Sanadi...
OpenOffice EMF File Parser Remote Command Execution Vulnerability (Linux)
The host has OpenOffice installed and is prone to Remote Command Execution Vulnerability OpenVAS Vulnerability Test $Id: secpodopenofficeemffileparservulnlin.nasl 5122 2017-01-27 12:16:00Z teissa $ OpenOffice EMF File Parser Remote Command Execution Vulnerability Linux Authors: Antu Sanadi...
DNS Tools (PHP Digger) - Remote Command Execution
DNS Tools PHP Digger Remote Command Execution + Discovered By SirGod + www.mortal-team.org + www.h4cky0u.org + Remote Command Execution - Vulnerable code in dig.php ------------------------------------------ $ns = $GET'ns'; system "dig @$ns $host $querytype";...
fttss 2.0 - Remote Command Execution
fttss 2.0 - Remote Command Execution :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ dunatstrcpy.pl fttss /tmp/dupa; HTTP/1.x 200 OK Date: Sun, 11 Jan 2009 16:24:57 GMT Server: Apache...
newsReporter <= 1.1 (index.php) Remote Inclusion Vulnerability
Exploit for unknown platform in category web applications ============================================================== newsReporter Kurdish Security newsReporter v1.1 Remote Command Execution Freedom For Ocalan Contact : irc.gigachat.net kurdhack & www.PatrioticHackers.com Rish : High Class :...