PT-2024-27009 · Pam · Pam

Name of the Vulnerable Software and Affected Versions: PAM system affected versions not specified Description: An improper input validation in the PAM system allows an unauthenticated attacker to achieve remote command execution by sending a specially crafted HTTP request. Recommendations: At the...

CVE-2024-40552

PublicCMS v4.0.202302.e was discovered to contain a remote commande execution RCE vulnerability via the cmdarray parameter at /site/ScriptComponent.java...

CVE-2024-40552

PublicCMS v4.0.202302.e was discovered to contain a remote commande execution RCE vulnerability via the cmdarray parameter at /site/ScriptComponent.java...

PublicCMS Security Vulnerabilities

PublicCMS is an open source content management system CMS written in Java by PublicCMS China. A security vulnerability exists in PublicCMS version v4.0.202302.e, which stems from the presence of remote command execution...

SeaCMS 安全漏洞

SeaCMS is an open source content management system based on PHP+MySql technology. An input validation vulnerability exists in the SeaCMS adminconfigmark.php processing parameter, which can be exploited by a validated remote attacker to submit a special request and execute arbitrary commands in th...

CVE-2024-39565

An Improper Neutralization of Data within XPath Expressions 'XPath Injection' vulnerability in J-Web shipped with Juniper Networks Junos OS allows an unauthenticated, network-based attacker to execute remote commands on the target device. While an administrator is logged into a J-Web session or...

CVE-2024-39565 Junos OS: J-Web: An unauthenticated, network-based attacker can perform XPATH injection attack against a device.

An Improper Neutralization of Data within XPath Expressions 'XPath Injection' vulnerability in J-Web shipped with Juniper Networks Junos OS allows an unauthenticated, network-based attacker to execute remote commands on the target device. While an administrator is logged into a J-Web session or...

CVE-2024-39565 Junos OS: J-Web: An unauthenticated, network-based attacker can perform XPATH injection attack against a device.

An Improper Neutralization of Data within XPath Expressions 'XPath Injection' vulnerability in J-Web shipped with Juniper Networks Junos OS allows an unauthenticated, network-based attacker to execute remote commands on the target device. While an administrator is logged into a J-Web session or...

CVE-2024-37770

14Finger v1.1 was discovered to contain a remote command execution RCE vulnerability in the fingerprint function. This vulnerability allows attackers to execute arbitrary commands via a crafted payload...

CVE-2024-37770

14Finger v1.1 was discovered to contain a remote command execution RCE vulnerability in the fingerprint function. This vulnerability allows attackers to execute arbitrary commands via a crafted payload...

Juniper Networks Junos OS Security Vulnerability

Juniper Networks Junos OS is a Juniper Networks USA network operating system dedicated to the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. A security vulnerability exists in Juniper Networks Junos OS, which arises from a data...

CVE-2024-37770

14Finger v1.1 was discovered to contain a remote command execution RCE vulnerability in the fingerprint function. This vulnerability allows attackers to execute arbitrary commands via a crafted payload...

Juniper Junos OS Vulnerability (JSA83023)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA83023 advisory. - An Improper Neutralization of Data within XPath Expressions 'XPath Injection' vulnerability in J-Web shipped with Juniper Networks Junos OS allows an unauthenticated,...

CVE-2024-37770

CVE-2024-37770 affects 14Finger v1.1, with a Remote Command Execution (RCE) vulnerability in the fingerprint function that allows an attacker to run arbitrary commands via a crafted payload. The CVSSv3.1 base score is 9.1 (CRITICAL) with network access, low attack complexity, no privileges requir...

14Finger Security Vulnerability

14Finger is a full-featured Web fingerprinting and sharing platform by b1ackc4t individual developers. A security vulnerability exists in 14Finger v1.1, which stems from the inclusion of a Remote Command Execution RCE vulnerability in the fingerprinting functionality that allows an attacker to...

CVE-2024-37770

14Finger v1.1 was discovered to contain a remote command execution RCE vulnerability in the fingerprint function. This vulnerability allows attackers to execute arbitrary commands via a crafted payload...

The vulnerability of the Moodle management system, related to insufficient validation of input data, allows a perpetrator to execute arbitrary commands.

The vulnerability of the Moodle administration system is related to insufficient verification of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...

CVE-2024-27785

An improper neutralization of formula elements in a CSV File CWE-1236 vulnerability in Fortinet FortiAIOps 2.0.0 may allow a remote authenticated attacker to execute arbitrary commands on a client's workstation via poisoned CSV reports...

The vulnerability of the Node.js software platform, related to errors in processing input data, allows a hacker to execute arbitrary commands.

The vulnerability of the Node.js software platform is related to errors in processing input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

PT-2024-10056 · Lenovo · Lenovo Xclarity Controller

Name of the Vulnerable Software and Affected Versions: Lenovo XClarity Controller XCC for Lenovo ThinkSystem servers affected versions not specified Description: The issue is related to a lack of neutralization of special elements, which could allow a remote attacker to execute arbitrary commands...