CVE-2023-53981

PhotoShow 3.0 contains a remote code execution vulnerability that allows authenticated administrators to inject malicious commands through the exiftran path configuration. Attackers can exploit the ffmpeg configuration settings by base64 encoding a reverse shell command and executing it through a...

CVE-2023-53981

PhotoShow 3.0 contains a remote code execution vulnerability that allows authenticated administrators to inject malicious commands through the exiftran path configuration. Attackers can exploit the ffmpeg configuration settings by base64 encoding a reverse shell command and executing it through a...

CVE-2023-53981 PhotoShow 3.0 Remote Code Execution via Exiftran Path Injection

PhotoShow 3.0 contains a remote code execution vulnerability that allows authenticated administrators to inject malicious commands through the exiftran path configuration. Attackers can exploit the ffmpeg configuration settings by base64 encoding a reverse shell command and executing it through a...

CVE-2023-53981

CVE-2023-53981 affects PhotoShow 3.0. The vulnerability is a remote code execution via exiftran path configuration, where an authenticated administrator could abuse ffmpeg configuration settings to run commands. Exploitation described involves base64-encoded reverse-shell commands embedded in a c...

CVE-2023-53981 PhotoShow 3.0 Remote Code Execution via Exiftran Path Injection

PhotoShow 3.0 contains a remote code execution vulnerability that allows authenticated administrators to inject malicious commands through the exiftran path configuration. Attackers can exploit the ffmpeg configuration settings by base64 encoding a reverse shell command and executing it through a...

CVE-2023-53945

BrainyCP 1.0 contains an authenticated remote code execution vulnerability that allows logged-in users to inject arbitrary commands through the crontab configuration interface. Attackers can exploit the crontab endpoint by adding a malicious command that spawns a reverse shell to a specified IP a...

CVE-2023-53948

Lilac-Reloaded for Nagios 2.0.8 contains a remote code execution vulnerability in the autodiscovery feature that allows attackers to inject arbitrary commands. Attackers can exploit the lack of input filtering in the nmapbinary parameter to execute a reverse shell by sending a crafted POST reques...

EUVD-2025-204599

BrainyCP 1.0 contains an authenticated remote code execution vulnerability that allows logged-in users to inject arbitrary commands through the crontab configuration interface. Attackers can exploit the crontab endpoint by adding a malicious command that spawns a reverse shell to a specified IP a...

EUVD-2025-204606

FileZilla Client 3.63.1 contains a DLL hijacking vulnerability that allows attackers to execute malicious code by placing a crafted TextShaping.dll in the application directory. Attackers can generate a reverse shell payload using msfvenom and replace the missing DLL to achieve remote code...

CVE-2023-53959

FileZilla Client 3.63.1 contains a DLL hijacking vulnerability that allows attackers to execute malicious code by placing a crafted TextShaping.dll in the application directory. Attackers can generate a reverse shell payload using msfvenom and replace the missing DLL to achieve remote code...

CVE-2023-53948

Lilac-Reloaded for Nagios 2.0.8 contains a remote code execution vulnerability in the autodiscovery feature that allows attackers to inject arbitrary commands. Attackers can exploit the lack of input filtering in the nmapbinary parameter to execute a reverse shell by sending a crafted POST reques...

CVE-2023-53945

BrainyCP 1.0 contains an authenticated remote code execution vulnerability that allows logged-in users to inject arbitrary commands through the crontab configuration interface. Attackers can exploit the crontab endpoint by adding a malicious command that spawns a reverse shell to a specified IP a...

CVE-2023-53945

BrainyCP 1.0 contains an authenticated remote code execution vulnerability that allows logged-in users to inject arbitrary commands through the crontab configuration interface. Attackers can exploit the crontab endpoint by adding a malicious command that spawns a reverse shell to a specified IP a...

CVE-2023-53959

FileZilla Client 3.63.1 contains a DLL hijacking vulnerability that allows attackers to execute malicious code by placing a crafted TextShaping.dll in the application directory. Attackers can generate a reverse shell payload using msfvenom and replace the missing DLL to achieve remote code...

CVE-2023-53959 FileZilla Client 3.63.1 DLL Hijacking via Missing TextShaping.dll

FileZilla Client 3.63.1 contains a DLL hijacking vulnerability that allows attackers to execute malicious code by placing a crafted TextShaping.dll in the application directory. Attackers can generate a reverse shell payload using msfvenom and replace the missing DLL to achieve remote code...

CVE-2023-53959 FileZilla Client 3.63.1 DLL Hijacking via Missing TextShaping.dll

FileZilla Client 3.63.1 contains a DLL hijacking vulnerability that allows attackers to execute malicious code by placing a crafted TextShaping.dll in the application directory. Attackers can generate a reverse shell payload using msfvenom and replace the missing DLL to achieve remote code...

CVE-2023-53959

FileZilla Client 3.63.1 contains a DLL hijacking vulnerability that allows attackers to execute malicious code by placing a crafted TextShaping.dll in the application directory. Attackers can generate a reverse shell payload using msfvenom and replace the missing DLL to achieve remote code...

CVE-2023-53959

FileZilla Client 3.63.1 is affected by a DLL hijacking flaw: an attacker can place a crafted TextShaping.dll in the application directory to achieve remote code execution when FileZilla is launched. The vulnerability stems from a missing/bad TextShaping.dll that can be replaced with a malicious p...

EUVD-2025-204593

Lilac-Reloaded for Nagios 2.0.8 contains a remote code execution vulnerability in the autodiscovery feature that allows attackers to inject arbitrary commands. Attackers can exploit the lack of input filtering in the nmapbinary parameter to execute a reverse shell by sending a crafted POST reques...

CVE-2023-53948

CVE-2023-53948 affects Lilac-Reloaded for Nagios 2.0.8. The vulnerability is a remote code execution in the autodiscovery feature caused by a lack of input filtering in the nmap_binary parameter, enabling an attacker to inject commands and potentially trigger a reverse shell via a crafted POST re...