14191 matches found
openssh: potential command injection via shell metacharacters
A flaw was found in OpenSSH. In certain circumstances, a remote attacker may be able to execute arbitrary OS commands by using expansion tokens, such as %u or %h, with user names or host names that contain shell metacharacters...
GHSA-Q284-4PVR-M585 OpenClaw/Clawdbot has OS Command Injection via Project Root Path in sshNodeCommand
Two related vulnerabilities existed in the macOS application's SSH remote connection handling CommandResolver.swift: Details The sshNodeCommand function constructed a shell script without properly escaping the user-supplied project path in an error message. When the cd command failed, the unescap...
OpenClaw/Clawdbot has OS Command Injection via Project Root Path in sshNodeCommand
Two related vulnerabilities existed in the macOS application's SSH remote connection handling CommandResolver.swift: Details The sshNodeCommand function constructed a shell script without properly escaping the user-supplied project path in an error message. When the cd command failed, the unescap...
CVE-2026-24729
An unrestricted upload of file with dangerous type vulnerability in the file upload function of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to execute arbitrary system commands via a malicious class file...
EUVD-2020-30949
Sickbeard alpha contains a remote command injection vulnerability that allows unauthenticated attackers to execute arbitrary commands through the extra scripts configuration. Attackers can set malicious commands in the extra scripts field and trigger processing to execute remote code on the...
CVE-2020-37027
Sickbeard alpha contains a remote command injection vulnerability that allows unauthenticated attackers to execute arbitrary commands through the extra scripts configuration. Attackers can set malicious commands in the extra scripts field and trigger processing to execute remote code on the...
EUVD-2026-5017
An unrestricted upload of file with dangerous type vulnerability in the file upload function of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to execute arbitrary system commands via a malicious class file...
CVE-2026-24729
An unrestricted upload of file with dangerous type vulnerability exists in Interinfo DreamMaker’s file upload function, affecting versions before 2025/10/22. The root cause is an insufficient validation of uploaded files, enabling remote attackers to execute arbitrary system commands via a malici...
PT-2026-5378
An unrestricted upload of file with dangerous type vulnerability in the file upload function of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to execute arbitrary system commands via a malicious class file...
📄 n8n 2.0.0-rc.4 Remote Command Execution
n8n version 2.0.0-rc.4 PHP port of a research exploit that chains together multiple vulnerabilities including arbitrary file read and sandbox escape in order to achieve remote command execution...
Interinfo DreamMaker security vulnerabilities
Interinfo DreamMaker is an application developed by Interinfo Corporation in China. Versions of Interinfo DreamMaker prior to October 22, 2025, contained security vulnerabilities. These vulnerabilities stemmed from the file upload function not restricting dangerous file types, which could lead to...
BIT-RUM-2022-50806 4images 1.9 - Remote Command Execution (RCE)
4images 1.9 contains a remote command execution vulnerability that allows authenticated administrators to inject reverse shell code through template editing functionality. Attackers can save malicious code in the template and execute arbitrary commands by accessing a specific categories.php...
CVE-2020-37002
Ajenti 2.1.36 contains a post-authenticated remote command execution vulnerability that allows remote attackers to execute arbitrary commands after successful login. Attackers can leverage the /api/terminal/create endpoint to send a netcat reverse shell payload targeting a specified IP and port...
CVE-2020-37002
Ajenti 2.1.36 contains a post-authenticated remote command execution vulnerability that allows remote attackers to execute arbitrary commands after successful login. Attackers can leverage the /api/terminal/create endpoint to send a netcat reverse shell payload targeting a specified IP and port...
MAL-2026-601 Malicious code in tableautes (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 db2caf2b50286de83c99e588ab33e86d828ff3c39fd0dac1c5f3da229cdfced7 Packages contain hidden code that is effectively run during importing or using the library, and downloads second stage code. Then, a process running in...
PT-2026-5278
Ajenti 2.1.36 contains an authentication bypass vulnerability that allows remote attackers to execute arbitrary commands after successful login. Attackers can leverage the /api/terminal/create endpoint to send a netcat reverse shell payload targeting a specified IP and port...
CVE-2025-69516
A Server-Side Template Injection SSTI vulnerability in the /reporting/templates/preview/ endpoint of Amidaware Tactical RMM, affecting versions equal to or earlier than v1.3.1, allows low-privileged users with Report Viewer or Report Manager permissions to achieve remote command execution on the...
EUVD-2025-206512
A Server-Side Template Injection SSTI vulnerability in the /reporting/templates/preview/ endpoint of Amidaware Tactical RMM, affecting versions equal to or earlier than v1.3.1, allows low-privileged users with Report Viewer or Report Manager permissions to achieve remote command execution on the...
CVE-2025-69516
A Server-Side Template Injection SSTI vulnerability in the /reporting/templates/preview/ endpoint of Amidaware Tactical RMM, affecting versions equal to or earlier than v1.3.1, allows low-privileged users with Report Viewer or Report Manager permissions to achieve remote command execution on the...
📄 Zimbra Collaboration Suite Postjournal 10.0.x Remote Code Execution
A critical vulnerability exists in the Zimbra Collaboration Suite ZCS PostJournal service that allows attackers to execute arbitrary system commands without authentication. The vulnerability is triggered through SMTP injection using a malicious RCPT TO parameter. This exploit provides full remote...