Lucene search
K

19632 matches found

EUVD
EUVD
added 2026/01/21 5:27 p.m.6 views

EUVD-2026-3655

OpenPLC v3 contains an authenticated remote code execution vulnerability that allows attackers with valid credentials to inject malicious code through the hardware configuration interface. Attackers can upload a custom hardware layer with embedded reverse shell code that establishes a network...

8.8CVSS6.5AI score0.00634EPSS
Exploits0References6
OSV
OSV
added 2026/01/21 5:16 p.m.4 views

CVE-2026-20045

A vulnerability in Cisco Unified Communications Manager Unified CM, Cisco Unified Communications Manager Session Management Edition Unified CM SME, Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P, Cisco Unity Connection, and Cisco Webex Calling Dedicated Instance could...

9.8CVSS6.1AI score0.04307EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/01/21 12:0 a.m.8 views

PT-2026-3795

Name of the Vulnerable Software and Affected Versions OpenPLC version 3 Description The software contains an authenticated remote code execution issue. An attacker with valid credentials can inject malicious code through the hardware configuration interface. This allows for the upload of a custom...

8.8CVSS6.5AI score0.00634EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/01/21 12:0 a.m.5 views

PT-2026-3806

Name of the Vulnerable Software and Affected Versions phpPgAdmin version 7.13.0 Description An authenticated attacker can execute arbitrary system commands through SQL query manipulation. This is achieved by creating a custom table, uploading a malicious .txt file, and utilizing the COPY FROM...

8.8CVSS6.1AI score0.00262EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/01/21 12:0 a.m.5 views

OpenEMR cross-site scripting vulnerability

OpenEMR is a set of open-source medical management systems developed by the OpenEMR community. This system can be used for medical practice management, electronic medical records, prescription writing, and medical billing applications. Version 5.0.2.1 of OpenEMR contains a cross-site scripting...

5.4CVSS5.7AI score0.00667EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/01/21 12:0 a.m.6 views

PT-2026-3798

Name of the Vulnerable Software and Affected Versions OpenEMR version 5.0.2.1 Description OpenEMR contains a cross-site scripting issue that permits authenticated attackers to inject malicious JavaScript through user profile parameters. Exploitation involves crafting a malicious payload to downlo...

5.4CVSS5.4AI score0.00667EPSS
Exploits1References9
Saint
Saint
added 2026/01/21 12:0 a.m.107 views

Control Web Panel key parameter command injection

Added: 01/21/2026 Background Control Web Panel is a web hosting panel for Linux. Problem A command injection vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted key parameter. Resolution Upgrade to Control Web Panel 0.9.8.1209 or higher. References...

6.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/20 11:26 p.m.5 views

CVE-2026-1192

A vulnerability was determined in Tosei Online Store Management System ネット店舗管理システム 1.01. The affected element is an unknown function of the file /cgi-bin/imodealldata.php. Executing a manipulation of the argument DevId can lead to command injection. The attack can be executed remotely. The exploi...

7.5CVSS7.1AI score0.06123EPSS
Exploits1References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/01/20 7:6 p.m.6 views

Malicious code in spellcheckerpy (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 79cc4c6495567fe7659e9e4bb5964727bf95cfc9f78d32209937d73457bd476b Packages contain hidden code that is effectively run during importing or using the library, and downloads second stage code. Then, a process running in...

5.9AI score
Exploits0References3
GithubExploit
GithubExploit
added 2026/01/20 2:10 p.m.267 views

Exploit for Code Injection in Laravel Livewire

CVE-2025-54068 A tool designed to exploit CVE-2025-54068 and...

9.8CVSS6.2AI score0.95376EPSS
Exploits5
RedhatCVE
RedhatCVE
added 2026/01/20 11:24 a.m.6 views

CVE-2026-1150

A security flaw has been discovered in Totolink LR350 9.3.5u.6369B20220309. Impacted is the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument command results in command injection. The attack can be launched remotely...

8.8CVSS6.4AI score0.0235EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 9 : cups-filters-1.28.7-17.el9_4 (AXSA:2024-8862:03)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8862:03 advisory. cups-browsed: cups-browsed binds on UDP INADDRANY:631 trusting any packet from any source cups-filters: libcupsfilters: cfGetPrinterAttributes API...

9.8CVSS7.5AI score0.8344EPSS
Exploits16References4
Packet Storm
Packet Storm
added 2026/01/20 12:0 a.m.181 views

📄 Siklu EtherHaul Series EH-8010 / EH-1200 Remote Command Execution

Siklu EtherHaul Series EH-8010 and EH-1200 with firmware versions between 7.4.0 and 10.7.3 suffer from a remote command execution vulnerability. Exploit Title:Siklu EtherHaul Series EH-8010 - Remote Command Execution Shodan Dork: "EH-8010" or "EH-1200" Date: 2025-08-02 Exploit Author: semaja2 -...

9.8CVSS8.6AI score0.01219EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 9 : pcp-6.2.0-2.el9 (AXSA:2024-8062:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8062:02 advisory. pcp: exposure of the redis server backend allows remote command execution via pmproxy CVE-2024-3019 Tenable has extracted the preceding description...

8.8CVSS5.8AI score0.01002EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 9 : cups-2.3.3op2-31.el9 (AXSA:2024-9124:11)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9124:11 advisory. cups: libppd: remote command injection via attacker controlled data in PPD file Tenable has extracted the preceding description block directly from the...

9.8CVSS7.3AI score0.73062EPSS
Exploits5References2
OSV
OSV
added 2026/01/19 11:16 p.m.3 views

CVE-2026-1192

A vulnerability was determined in Tosei Online Store Management System ネット店舗管理システム 1.01. The affected element is an unknown function of the file /cgi-bin/imodealldata.php. Executing a manipulation of the argument DevId can lead to command injection. The attack can be executed remotely. The exploi...

7.3CVSS5.7AI score0.06123EPSS
Exploits1References4
NVD
NVD
added 2026/01/19 11:16 p.m.5 views

CVE-2026-1192

A vulnerability was determined in Tosei Online Store Management System ネット店舗管理システム 1.01. The affected element is an unknown function of the file /cgi-bin/imodealldata.php. Executing a manipulation of the argument DevId can lead to command injection. The attack can be executed remotely. The exploi...

7.5CVSS0.06123EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/01/19 11:2 p.m.3 views

CVE-2026-1192 Tosei Online Store Management System ネット店舗管理システム imode_alldata.php command injection

A vulnerability was determined in Tosei Online Store Management System ネット店舗管理システム 1.01. The affected element is an unknown function of the file /cgi-bin/imodealldata.php. Executing a manipulation of the argument DevId can lead to command injection. The attack can be executed remotely. The exploi...

7.5CVSS5.4AI score0.06123EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/01/19 11:2 p.m.3 views

CVE-2026-1192

A vulnerability was determined in Tosei Online Store Management System ネット店舗管理システム 1.01. The affected element is an unknown function of the file /cgi-bin/imodealldata.php. Executing a manipulation of the argument DevId can lead to command injection. The attack can be executed remotely. The exploi...

7.5CVSS5.3AI score0.06123EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2026/01/19 11:2 p.m.13 views

CVE-2026-1192

CVE-2026-1192 affects Tosei Online Store Management System 1.01. The vulnerability is in an unknown function within /cgi-bin/imode_alldata.php where manipulating the DevId argument can cause remote command injection. Public exploit details exist; vendor was contacted but did not respond. Descript...

7.5CVSS5.4AI score0.06123EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder