Lucene search
+L

247 matches found

NVD
NVD
added 2 days ago8 views

CVE-2026-63304

AVideo through 29.0 contains an OS command injection vulnerability in plugin/API/standAlone/functions.php where the listFFmpegProcesses function interpolates unsanitized keyword parameters inside single quotes without escaping. Attackers who can craft a valid encrypted codeToExec payload can brea...

9.2CVSS0.01355EPSS
Exploits0References2
NVD
NVD
added 2 days ago7 views

CVE-2026-63305

AVideo through 29.0 contains an OS command injection vulnerability in the ffmpeg.json.php endpoint where notifyCode and callback parameters are concatenated into a shell command without escaping. Attackers who can craft a valid encrypted payload can inject arbitrary shell metacharacters into thes...

9.2CVSS0.01383EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago32 views

CVE-2026-63305 AVideo through 29.0 OS Command Injection via ffmpeg.json.php

AVideo through 29.0 contains an OS command injection vulnerability in the ffmpeg.json.php endpoint where notifyCode and callback parameters are concatenated into a shell command without escaping. Attackers who can craft a valid encrypted payload can inject arbitrary shell metacharacters into thes...

9.2CVSS0.01383EPSS
Exploits0References2
CVE
CVE
added 2 days ago12 views

CVE-2026-63304

AVideo

9.2CVSS6.3AI score0.01355EPSS
Exploits0References2
NVD
NVD
added 2026/07/10 10:16 a.m.8 views

CVE-2026-41876

R-SOFT DMS is vulnerable to OS Command Injection in konwertujAction function. The document converter executes shell commands using unsanitized file paths and format parameters. This allows an authenticated attacker to execute arbitrary system commands with the privileges of the web server user...

8.7CVSS0.01228EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/10 9:5 a.m.35 views

CVE-2026-41876 OS Command Injection in R-SOFT DMS

R-SOFT DMS is vulnerable to OS Command Injection in konwertujAction function. The document converter executes shell commands using unsanitized file paths and format parameters. This allows an authenticated attacker to execute arbitrary system commands with the privileges of the web server user...

8.7CVSS0.01228EPSS
Exploits0References1
OSV
OSV
added 2026/06/30 2:39 p.m.5 views

CVE-2026-27957 Coolify: Authenticated RCE via command injection in CA certificate management feature

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.464, an authenticated command injection vulnerability in the CA Certificate management feature allows any authenticated user to execute arbitrary commands as the configured SSH...

8.8CVSS6.2AI score0.00658EPSS
Exploits0References3
NVD
NVD
added 2026/06/29 2:16 p.m.12 views

CVE-2026-40521

FrontAccounting before 2.4.20 contains a path traversal vulnerability in the attachment upload handler that allows authenticated attackers to execute arbitrary code by uploading files with traversal sequences in the uniquename parameter. Attackers can supply path traversal sequences...

8.8CVSS0.00627EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.15 views

PT-2026-53268

Name of the Vulnerable Software and Affected Versions FrontAccounting versions prior to 2.4.20 Description A path traversal issue exists in the attachment upload handler. Authenticated attackers can execute arbitrary code by uploading files using traversal sequences in the unique name parameter. ...

8.8CVSS6.8AI score0.00627EPSS
Exploits0References6
NVD
NVD
added 2026/06/25 4:16 p.m.15 views

CVE-2026-48946

The K2 frontend article-attachment upload path accepts files whose extension is .php, and Apache's standard modphp matches .php$ and executes them under the K2 web user. A K2 Author can upload a shell.php, then fetch /media/k2/attachments/shell.php and execute arbitrary PHP code in the web...

6.3CVSS0.00167EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 12:33 a.m.8 views

EUVD-2026-39109

Unraid Web Server ToggleState Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Unraid. Authentication is required to exploit this vulnerability. The specific flaw exists within ToggleState.php...

8.8CVSS7.8AI score0.01126EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.10 views

Apache HTTP Server 安全漏洞

Apache HTTP Server is an open-source web server developed by the Apache Foundation in the United States. This server is known for its speed, reliability, and ability to be expanded through simple APIs. Apache HTTP Server versions 2.4.67 and earlier have security vulnerabilities, which stem from...

5.5CVSS5.3AI score0.00171EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/06 12:31 a.m.11 views

EUVD-2026-34922

The Admin Columns plugin for WordPress is vulnerable to PHP Object Injection leading to Remote Code Execution in versions up to and including 7.0.18. This is due to the use of unserialize without an allowedclasses restriction in the IdsToCollection::getidsfromstring function, which processes...

8.8CVSS6.6AI score0.00652EPSS
Exploits1References11
RedhatCVE
RedhatCVE
added 2026/06/05 7:14 p.m.12 views

CVE-2026-40520

FreePBX api module version 17.0.8 and prior contain a command injection vulnerability in the initiateGqlAPIProcess function where GraphQL mutation input fields are passed directly to shellexec without sanitization or escaping. An authenticated user with a valid bearer token can send a GraphQL...

8.8CVSS6AI score0.01379EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/29 1:3 p.m.11 views

CVE-2026-46337

WWBN AVideo is an open source video platform. In 29.0 and earlier, an unauthenticated remote attacker can read arbitrary image files anywhere on disk that the PHP user can open — including private user-profile photos that the application's normal serving wrappers gate behind ACLs, admin-uploaded...

6.9CVSS6AI score0.00455EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/05/14 2:30 p.m.50 views

CVE-2026-41937 Vvveb < 1.0.8.3 Unrestricted File Upload RCE via Plugin Upload

Vvveb before 1.0.8.3 contains an unrestricted file upload vulnerability in the plugin upload endpoint that allows superadmin users to execute arbitrary PHP code by uploading a malicious plugin ZIP file. Attackers can craft a ZIP containing a plugin.php with a valid Slug header and a...

8.6CVSS0.00403EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/04 12:37 p.m.30 views

EUVD-2026-26944

An escalation of privilege bug in various modules in Apache HTTP 2.4.66 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. Users are recommended to upgrade to version 2.4.67, which fixes this issue...

8.8CVSS5.8AI score0.00654EPSS
Exploits1References1
EUVD
EUVD
added 2026/04/23 6:47 p.m.7 views

EUVD-2026-25281

elFinder is an open-source file manager for web, written in JavaScript using jQuery UI. Prior to 2.1.67, elFinder contains a command injection vulnerability in the resize command. The bg background color parameter is accepted from user input and passed through image resize/rotate processing. In...

9.3CVSS6.1AI score0.01567EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/21 3:32 p.m.10 views

EUVD-2026-24086

FreePBX api module version 17.0.8 and prior contain a command injection vulnerability in the initiateGqlAPIProcess function where GraphQL mutation input fields are passed directly to shellexec without sanitization or escaping. An authenticated user with a valid bearer token can send a GraphQL...

8.6CVSS6.1AI score0.01379EPSS
Exploits0References5
NVD
NVD
added 2026/04/21 1:16 p.m.7 views

CVE-2026-40520

FreePBX api module version 17.0.8 and prior contain a command injection vulnerability in the initiateGqlAPIProcess function where GraphQL mutation input fields are passed directly to shellexec without sanitization or escaping. An authenticated user with a valid bearer token can send a GraphQL...

8.8CVSS0.01379EPSS
Exploits0References4
Rows per page
Query Builder