CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1797 matches found

GithubExploit•added 2025/12/24 11:3 a.m.•166 views

Exploit for OS Command Injection in Dolibarr Dolibarr_Erp\/Crm

POC exploit for Dolibarr example: python3 exploit.py http...

8.8CVSS8.8AI score0.89175EPSS

Exploits16

RedhatCVE•added 2025/12/23 11:29 p.m.•5 views

CVE-2023-53981

PhotoShow 3.0 contains a remote code execution vulnerability that allows authenticated administrators to inject malicious commands through the exiftran path configuration. Attackers can exploit the ffmpeg configuration settings by base64 encoding a reverse shell command and executing it through a...

8.6CVSS8.3AI score0.00864EPSS

Exploits1References1

OSV•added 2025/12/23 8:15 p.m.•1 views

CVE-2021-47735

CMSimple 5.4 contains an authenticated remote code execution vulnerability that allows logged-in attackers to inject malicious PHP code into template files. Attackers can exploit the template editing functionality by crafting a reverse shell payload and saving it through the template editing...

8.6CVSS6.3AI score

Exploits0References3

Cvelist•added 2025/12/23 7:34 p.m.•19 views

CVE-2021-47735 CMSimple 5.4 Authenticated Remote Code Execution via Template Editing

8.8CVSS0.0045EPSS

Exploits1References3

CVE•added 2025/12/23 7:34 p.m.•7 views

CVE-2021-47735

CVE-2021-47735 (CMSimple 5.4) describes an authenticated remote code execution via the template editing feature. The vulnerability arises when logged-in users can inject PHP code into template files through the template editing endpoint using a valid CSRF token, enabling execution of a reverse sh...

8.8CVSS7.7AI score0.0045EPSS

Exploits1References3Affected Software1

Vulnrichment•added 2025/12/23 7:34 p.m.•1 views

CVE-2021-47735 CMSimple 5.4 Authenticated Remote Code Execution via Template Editing

8.8CVSS7.7AI score0.0045EPSS

Exploits1References3

EUVD•added 2025/12/23 12:30 a.m.•2 views

EUVD-2023-60243

8.8CVSS7.8AI score0.00864EPSS

Exploits1References5

Tenable Nessus•added 2025/12/23 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2023-53959

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FileZilla Client 3.63.1 contains a DLL hijacking vulnerability that allows attackers to execute malicious code by placing a crafted TextShaping.dll in the...

9.8CVSS6.6AI score0.0031EPSS

Exploits1References2

Positive Technologies•added 2025/12/23 12:0 a.m.•3 views

PT-2025-52835

Name of the Vulnerable Software and Affected Versions CMSimple version 5.4 Description The software contains an authenticated remote code execution issue that allows logged-in attackers to inject malicious PHP code into template files. Attackers can exploit the template editing functionality by...

8.8CVSS7.7AI score0.0045EPSS

Exploits1References6

NVD•added 2025/12/22 10:16 p.m.•4 views

CVE-2023-53981

8.6CVSS0.00864EPSS

Exploits1References4

OSV•added 2025/12/22 10:16 p.m.•3 views

CVE-2023-53981

7.2CVSS6.4AI score

Exploits0References4

Vulnrichment•added 2025/12/22 9:35 p.m.•4 views

CVE-2023-53981 PhotoShow 3.0 Remote Code Execution via Exiftran Path Injection

8.6CVSS8AI score0.00864EPSS

Exploits1References4

CVE•added 2025/12/22 9:35 p.m.•13 views

CVE-2023-53981

CVE-2023-53981 affects PhotoShow 3.0. The vulnerability is a remote code execution via exiftran path configuration, where an authenticated administrator could abuse ffmpeg configuration settings to run commands. Exploitation described involves base64-encoded reverse-shell commands embedded in a c...

8.6CVSS8AI score0.00864EPSS

Exploits1References4Affected Software1

Cvelist•added 2025/12/22 9:35 p.m.•21 views

CVE-2023-53981 PhotoShow 3.0 Remote Code Execution via Exiftran Path Injection

8.6CVSS0.00864EPSS

Exploits1References4

RedhatCVE•added 2025/12/22 7:21 a.m.•4 views

CVE-2023-53945

BrainyCP 1.0 contains an authenticated remote code execution vulnerability that allows logged-in users to inject arbitrary commands through the crontab configuration interface. Attackers can exploit the crontab endpoint by adding a malicious command that spawns a reverse shell to a specified IP a...

8.8CVSS8.3AI score0.00491EPSS

Exploits1References1

RedhatCVE•added 2025/12/22 7:21 a.m.•4 views

CVE-2023-53948

Lilac-Reloaded for Nagios 2.0.8 contains a remote code execution vulnerability in the autodiscovery feature that allows attackers to inject arbitrary commands. Attackers can exploit the lack of input filtering in the nmapbinary parameter to execute a reverse shell by sending a crafted POST reques...

9.8CVSS8.3AI score0.00287EPSS

Exploits0References1

EUVD•added 2025/12/19 9:30 p.m.•2 views

EUVD-2025-204599

8.8CVSS7.8AI score0.00491EPSS

Exploits1References4

EUVD•added 2025/12/19 9:30 p.m.•3 views

EUVD-2025-204606

FileZilla Client 3.63.1 contains a DLL hijacking vulnerability that allows attackers to execute malicious code by placing a crafted TextShaping.dll in the application directory. Attackers can generate a reverse shell payload using msfvenom and replace the missing DLL to achieve remote code...

9.8CVSS7.7AI score0.0031EPSS

Exploits1References5

NVD•added 2025/12/19 9:15 p.m.•4 views

CVE-2023-53959

9.8CVSS0.0031EPSS

Exploits1References3

NVD•added 2025/12/19 9:15 p.m.•2 views

CVE-2023-53948

9.8CVSS0.00287EPSS

Exploits0References3

Rows per page