15286 matches found
CVE-2023-33374
Connected IO v2.1.0 and prior has a command as part of its communication protocol allowing the management platform to specify arbitrary OS commands for devices to execute. Attackers abusing this dangerous functionality may issue all devices OS commands to execute, resulting in arbitrary remote...
WordPress Forminator 1.24.6 Shell Upload
Exploit Title: WordPress Plugin Forminator 1.24.6 - Unauthenticated Remote Command Execution Date: 2023-07-20 Exploit Author: Mehmet Kelepçe Vendor Homepage: https://wpmudev.com/project/forminator-pro/ Software Link: https://wordpress.org/plugins/forminator/ Version: 1.24.6 Tested on: PHP - Mysql...
CVE-2023-38942
Dango-Translator v4.5.5 was discovered to contain a remote command execution RCE vulnerability via the component app/config/cloudconfig.json...
CVE-2023-38942
Dango-Translator v4.5.5 was discovered to contain a remote command execution RCE vulnerability via the component app/config/cloudconfig.json...
CVE-2023-37679
A remote command execution RCE vulnerability in NextGen Mirth Connect v4.3.0 allows attackers to execute arbitrary commands on the hosting server...
CVE-2023-37679
A remote command execution RCE vulnerability in NextGen Mirth Connect v4.3.0 allows attackers to execute arbitrary commands on the hosting server...
CVE-2023-37679
A remote command execution RCE vulnerability in NextGen Mirth Connect v4.3.0 allows attackers to execute arbitrary commands on the hosting server...
Command injection
A remote command execution RCE vulnerability in NextGen Mirth Connect v4.3.0 allows attackers to execute arbitrary commands on the hosting server...
CVE-2023-38942
Dango-Translator v4.5.5 was discovered to contain a remote command execution RCE vulnerability via the component app/config/cloudconfig.json...
NextGen Mirth Connect Command Injection Vulnerability
NextGen Mirth Connect is a healthcare integration engine from NextGen USA. A security vulnerability exists in NextGen Mirth Connect version v4.3.0, which stems from a vulnerability that allows an attacker to execute arbitrary commands on the hosting server...
The vulnerability of the SAP NetWeaver ABAP software integration platform, related to the failure to take measures to neutralize special elements, allows a perpetrator to execute arbitrary commands.
The vulnerability of the SAP NetWeaver ABAP software integration platform is related to the failure to take measures to neutralize special elements. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...
The vulnerability of RocketMQ’s messaging platform’s NameServer component allows a hacker to execute arbitrary commands on behalf of a user.
The vulnerability of the NameServer component of the RocketMQ messaging platform is related to incorrect code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands on behalf of users remotely...
CVE-2023-38942
Dango-Translator v4.5.5 was discovered to contain a remote command execution RCE vulnerability via the component app/config/cloudconfig.json...
CVE-2023-37679
A remote command execution RCE vulnerability in NextGen Mirth Connect v4.3.0 allows attackers to execute arbitrary commands on the hosting server...
Dango-Translator Command Injection Vulnerability
Dango-Translator is an OCR-based raw meat translation software by the individual developer of Fatty Duanzi PantsuDango. A security vulnerability exists in Dango-Translator version 4.5.5, which stems from a Remote Command Execution RCE vulnerability in the component app/config/cloudconfig.json...
PT-2023-26699 · Unknown · Dango-Translator
Name of the Vulnerable Software and Affected Versions: Dango-Translator version 4.5.5 Description: A remote command execution RCE issue was found in Dango-Translator via the app/config/cloud config.json component. Recommendations: For Dango-Translator version 4.5.5, at the moment, there is no...
CVE-2023-37679
CVE-2023-37679 / CVE-2023-43208 (NextGen HealthCare Mirth Connect) : Open-source data integration platform vulnerable to unauthenticated remote code execution due to improper/deserialization handling. Affects Mirth Connect versions prior to 4.4.1 (PoCs and advisories reference vulnerable ranges i...
CVE-2023-38942
Dango-Translator v4.5.5 is affected by a remote command execution (RCE) vulnerability through the component app/config/cloud_config.json. The CVE-2023-38942 entry indicates a CRITICAL severity (CVSS 3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) with network access, no privileges, and no user interact...
CVE-2023-38941
The CVE-2023-38941 entry relates to django-sspanel v2022.2.2, with a remote command execution (RCE) vulnerability exposed through sspanel/admin_view.py -> GoodsCreateView._post. The connected sources consistently describe an RCE impact in this specific version; no vendor-provided patch Version...
CVE-2023-38941
django-sspanel v2022.2.2 was discovered to contain a remote command execution RCE vulnerability via the component sspanel/adminview.py - GoodsCreateView.post...