905 matches found
CVE-2021-36582
In Kooboo CMS 2.1.1.0, it is possible to upload a remote shell e.g., aspx to the server and then call upon it to receive a reverse shell from the victim server. The files are uploaded to /Content/Template/root/reverse-shell.aspx and can be simply triggered by browsing that URL...
CVE-2019-1010151
zzcms zzmcms 8.3 and earlier is affected by: File Delete to getshell. The impact is: getshell. The component is: /user/ppsave.php...
WordPress PDF 2 Post 2.4.0 Shell Upload
WordPress PDF 2 Post plugin versions 2.4.0 and below suffers from a remote shell upload vulnerability via a zip file...
CVE-2024-11861
EnerSys AMPA 22.09 and prior versions are vulnerable to command injection leading to privileged remote shell access...
CVE-2024-12442
EnerSys AMPA versions 24.04 through 24.16, inclusive, are vulnerable to command injection leading to privileged remote shell access...
CVE-2024-12442 Command injection in EnerSys AMPA versions 24.04 through 24.16, inclusive
EnerSys AMPA versions 24.04 through 24.16, inclusive, are vulnerable to command injection leading to privileged remote shell access...
CVE-2024-11861 Command injection in EnerSys AMPA 22.09 and prior versions
EnerSys AMPA 22.09 and prior versions are vulnerable to command injection leading to privileged remote shell access...
CVE-2024-11861
The CVE-2024-11861 entry details a command-injection vulnerability in EnerSys AMPA 22.09 and earlier, enabling privileged remote shell access via vulnerable components. Affected software: EnerSys AMPA (versions ≤ 22.09). Root cause: command-injection flaw as described in multiple sources. Impact:...
PT-2025-20556 · Enersys · Enersys Ampa
Name of the Vulnerable Software and Affected Versions: EnerSys AMPA versions 24.04 through 24.16 Description: The issue allows for command injection, which can lead to privileged remote shell access. Recommendations: For EnerSys AMPA versions 24.04 through 24.16, update to a version that is not...
EnerSys AMPA 安全漏洞
EnerSys AMPA is an industrial-grade battery management system from EnerSys, Inc. designed as an intelligent monitoring platform for power equipment. A security vulnerability exists in EnerSys AMPA version 22.09 and earlier, which stems from a command injection issue that could lead to privileged...
WordPress NewsBlogger Theme 0.2.5.1 Shell Upload
WordPress NewsBlogger Theme versions 0.2.5.1 and below suffer from a remote shell upload vulnerability...
WordPress WP-Advanced-Search 3.3.9.3 Shell Upload
WordPress WP-Advanced-Search plugin versions 3.3.9.3 and below suffer from a remote shell upload vulnerability...
WordPress WP Remote Thumbnail 1.3.2 Shell Upload
WordPress WP Remote Thumbnail plugin versions 1.3.2 and below suffer from a remote shell upload vulnerability...
WordPress I Draw 1.0 Shell Upload
WordPress I Draw plugin version 1.0 suffers from a remote shell upload vulnerability...
Exploit for Missing Authentication for Critical Function in Erlang Erlang\/Otp
CVE-2025-32433 Remote Shell Go-based exploit for CVE-2025-3243...
WordPress SoftClever Limited Sync Posts 1.0 Shell Upload
WordPress SoftClever Limited Sync Posts plugin version 1.0 suffers from a remote shell upload vulnerability...
WordPress SoJ SoundSlides 1.2.2 Shell Upload
WordPress SoJ SoundSlides plugin versions 1.2.2 and below suffer from a remote shell upload vulnerability...
WordPress the Novel Design Store Directory 4.3.0 Shell Upload
WordPress The Novel Design Store Directory plugin versions 4.3.0 and below suffer from a remote shell upload vulnerability...
WordPress Datasets Manager 1.5 Shell Upload
WordPress Datasets Manager plugin versions 1.5 and below suffer from a remote shell upload vulnerability...
WordPress Newscrunch Theme 1.8.4.1 Shell Upload
WordPress Newscrunch theme version 1.8.4.1 suffers from a remote shell upload vulnerability...