Microsoft FrontPage Extensions - Information Disclosure

Frontpage Server Extensions allows remote attackers to determine the name of the anonymous account via an RPC POST request to shtml.dll in the /vtibin/ virtual directory. id: CVE-2000-0114 info: name: Microsoft FrontPage Extensions - Information Disclosure author: r3naissance,matejsmycka severity...

Group-Office < 26.0.5 - Remote Code Execution

Group-Office before versions 6.8.150, 25.0.82, and 26.0.5 is vulnerable to remote code execution via OS command injection. The endpoint email/message/tnefAttachmentFromTempFile directly concatenates the user-controlled parameter tmpfile into an exec call. By injecting shell metacharacters into...

MindsDB - Remote Code Execution

MindsDB 25.9.1.1 contains a remote code execution caused by path traversal in the /api/files upload file module, letting authenticated attackers write arbitrary files and execute commands, exploit requires authentication. id: CVE-2026-27483 info: name: MindsDB - Remote Code Execution author:...

Primetek Primefaces 5.x - Remote Code Execution

Primetek Primefaces 5.x is vulnerable to a weak encryption flaw resulting in remote code execution. id: CVE-2017-1000486 info: name: Primetek Primefaces 5.x - Remote Code Execution author: Moritz Nentwig severity: critical description: Primetek Primefaces 5.x is vulnerable to a weak encryption fl...

ICTBroadcast - Command Injection

The ICTBroadcast application unsafely passes session cookie data to shell processing, allowing an attacker to inject shell commands into a session cookie that get executed on the server. This results in unauthenticated remote code execution in the session handling. Versions 7.4 and below are know...

MetInfo CMS <= 8.1 - Remote Code Execution

MetInfo CMS 7.9, 8.0, and 8.1 contain an unauthenticated PHP code injection vulnerability caused by insufficient input neutralization in the execution path, letting remote attackers execute arbitrary code remotely, exploit requires crafted requests. id: CVE-2026-29014 info: name: MetInfo CMS = 8....

OpenDreambox 2.0.0 - Remote Code Execution

OpenDreambox 2.0.0 is susceptible to remote code execution via the webadmin plugin. Remote attackers can execute arbitrary OS commands via shell metacharacters in the command parameter to the /script URI in enigma2-plugins/blob/master/webadmin/src/WebChilds/Script.py. id: CVE-2017-14135 info: nam...

Roundcube Webmail - Remote Code Execution

Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows remote code execution by authenticated users because the from parameter in a URL is not validated in program/actions/settings/upload.php, leading to PHP Object Deserialization. id: CVE-2025-49113 info: name: Roundcube Webmail - Remote...

ShellShock - Remote Code Execution

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the modcgi and modcg...

MobSF - Path Traversal

MobSF is vulnerable to an issue with apktool CVE-2024-21633 that allows for RCE or arbitrary file writing. It does this through a path traversal vulnerability. This template tests for it by writing to a local file and reading that file. RCE can be achieved by overwriting jadx, as shown in the two...

Joomla! Component BeeHeard 1.0 - Local File Inclusion

A directory traversal vulnerability in the BeeHeard combeeheard and BeeHeard Lite combeeheardlite component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1952 info: name: Joomla! Component BeeHeard 1.0 - Loc...

Chamilo LMS <= 1.11.24 - Remote Code Execution

Unrestricted file upload in big file upload functionality in /main/inc/lib/javascript/bigupload/inc/bigUpload.php in Chamilo LMS = v1.11.24 allows unauthenticated attackers to perform stored cross-site scripting attacks and obtain remote code execution via uploading of web shell. id: CVE-2023-422...

WordPress Button Generator <2.3.3 - Remote File Inclusion

WordPress Button Generator before 2.3.3 within the wow-company admin menu page allows arbitrary file inclusion with PHP extensions as well as with data:// or http:// protocols, thus leading to cross-site request forgery and remote code execution. id: CVE-2021-25052 info: name: WordPress Button...

Pallets Werkzeug <0.15.5 - Local File Inclusion

Pallets Werkzeug before 0.15.5 is susceptible to local file inclusion because SharedDataMiddleware mishandles drive names such as C: in Windows pathnames. id: CVE-2019-14322 info: name: Pallets Werkzeug 0.15.5 - Local File Inclusion author: madrobot severity: high description: | Pallets Werkzeug...

Microweber <1.2.12 - Integer Overflow

Microweber before 1.2.12 is susceptible to integer overflow. The application allows large characters to insert in the input field 'first & last name,' which can allow an attacker to cause a denial of service via a crafted HTTP request. id: CVE-2022-0968 info: name: Microweber 1.2.12 - Integer...

Zoho ManageEngine OpManager < 12.5.329 - Remote Code Execution

Zoho ManageEngine OpManager before 12.5.329 contains a remote code execution caused by a general bypass in the deserialization class, letting unauthenticated attackers execute arbitrary code, exploit requires no authentication id: CVE-2021-3287 info: name: Zoho ManageEngine OpManager 12.5.329 -...

Multiple Thrive Themes < 2.0.0 - Arbitrary File Upload

Thrive “Legacy” Rise by Thrive Themes WordPress theme before 2.0.0, Luxe by Thrive Themes WordPress theme before 2.0.0, Minus by Thrive Themes WordPress theme before 2.0.0, Ignition by Thrive Themes WordPress theme before 2.0.0, FocusBlog by Thrive Themes WordPress theme before 2.0.0, Squared by...

Lodash Template - Server-Side Template Injection (RCE)

Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function. id: CVE-2021-23337 info: name: Lodash Template - Server-Side Template Injection RCE author: DhiyaneshDk severity: high description: | Lodash versions prior to 4.17.21 are vulnerable to Command Injectio...

WooCommerce Ultimate Gift Card ≤ 2.6.0 - Arbitrary File Upload

The WooCommerce Ultimate Gift Card plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'mwbwgmpreviewmail' and 'mwbwgmwoocommerceaddcartitemdata' functions in all versions up to, and including, 2.6.0. This makes it possible for...

Qwik - Unauthenticated RCE via server$ Deserialization

Qwik =1.19.0 contains an insecure deserialization vulnerability in the server$ RPC mechanism, letting unauthenticated attackers execute arbitrary code remotely, exploit requires require availability at runtime. id: CVE-2026-27971 info: name: Qwik - Unauthenticated RCE via server$ Deserialization...