CVE-2023-37659
xalpha v0.11.4 is vulnerable to Remote Command Execution RCE...
CVE-2023-37656
CVE-2023-37656 affects WebsiteGuide v0.2. The vulnerability is Remote Command Execution (RCE) via image upload, with a high-severity CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). The connected documents provide no explicit remediation steps or patched versions. There is no de...
PT-2023-26061 · Unknown · Websiteguide
Name of the Vulnerable Software and Affected Versions: WebsiteGuide version 0.2 Description: The issue allows for Remote Command Execution RCE via image upload. Recommendations: For version 0.2, at the moment, there is no information about a newer version that contains a fix for this vulnerabilit...
Spring Cloud 3.2.2 - Remote Command Execution (RCE)
Exploit Title: Spring Cloud 3.2.2 - Remote Command Execution RCE Date: 07/07/2023 Exploit Author: GatoGamer1155, 0bfxgh0st Vendor Homepage: https://spring.io/projects/spring-cloud-function/ Description: Exploit to execute commands exploiting CVE-2022-22963 Software Link:...
CVE-2023-37656
WebsiteGuide v0.2 is vulnerable to Remote Command Execution RCE via image upload...
WebsiteGuide Code Issue Vulnerability
WebsiteGuide is a web site navigation system. A security vulnerability exists in WebsiteGuide v0.2 that stems from vulnerability to Remote Command Execution RCE attacks via image upload...
CVE-2021-42081
An authenticated administrator is allowed to remotely execute arbitrary shell commands via the API. POC...
CVE-2021-4406 Authenticated Remote Command Execution as root in OSNEXUS QuantaStor version 6.0.0.355 and others
An authenticated attacker is able to create alerts that trigger a stored XSS attack. POC go to the alert manager open the ITSM tab add a webhook with the URL/service token value ' -h && id | tee /tmp/ttttttddddssss ' whitespaces are tab characters click add click apply create a test alert The tes...
CVE-2021-42081 Authenticated Remote Command Execution vulnerability in OSNEXUS QuantaStor before 6.0.0.355
An authenticated administrator is allowed to remotely execute arbitrary shell commands via the API. POC...
The vulnerability of the command-line interface of ArubaOS systems allows a hacker to execute arbitrary commands.
The vulnerability of the command-line interface of ArubaOS exists because measures to neutralize the special elements used in the operating system’s command are not taken. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
PT-2023-12396 · Osnexus · Quantastor
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: The issue allows an authenticated administrator to remotely execute arbitrary shell commands via the API. This could potentially lead to unauthorized access and control of the syste...
DaillyTools Remote Command Execution
Title: DaillyTools v1 command execution Vulnerability | Author: indoushka | Tested on: windows 10 Français V.Pro / browser: Mozilla firefox 64.0.2 32-bit ...
CVE-2023-36969
CMS Made Simple v2.2.17 is vulnerable to Remote Command Execution via the File Upload Function...
Design/Logic Flaw
CMS Made Simple v2.2.17 is vulnerable to Remote Command Execution via the File Upload Function...
ROS-2-2174
2.2174 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...
PT-2023-25757 · Unknown · Cms Made Simple
Name of the Vulnerable Software and Affected Versions: CMS Made Simple version 2.2.17 Description: The issue allows for Remote Command Execution via the File Upload Function. Recommendations: For CMS Made Simple version 2.2.17, update to a version that fixes this issue...
ROS-2-1758
2.1758 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...