
24 matches found

ATTACKERKB
added 2026/03/19 10:7 p.m. · 2 views

CVE-2026-32032

OpenClaw versions prior to 2026.2.22 contain an arbitrary shell execution vulnerability in shell environment fallback that trusts the unvalidated SHELL path from the host environment. An attacker with local environment access can inject a malicious SHELL variable to execute arbitrary commands wit...

7.3 CVSS · 6.2 AI score · 0.00021 EPSS
Exploits: 0 · References: 4
EUVD
added 2025/10/30 9:30 p.m. · 2 views

EUVD-2025-37196

sqls-server/sqls 0.2.28 is vulnerable to command injection in the config command because the openEditor function passes the EDITOR environment variable and config file path to sh -c without sanitization, allowing attackers to execute arbitrary commands...

7.5 CVSS · 7.5 AI score · 0.00625 EPSS
Exploits: 0 · References: 4
Packet Storm
added 2024/09/02 12:0 a.m. · 260 views

Faculty Evaluation System 1.0 Cross Site Request Forgery

Title: Faculty Evaluation System 1.0 CSRF Add Admin Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefox...

7.4 AI score
Exploits: 0
Huntr
added 2022/02/15 11:36 a.m. · 19 views

OS Command Injection in part-db/part-db

Description OS command injection also known as shell injection is a web security vulnerability that allows an attacker to execute arbitrary operating system OS commands on the server that is running an application, and typically fully compromise the application and all its data. Very often, an...

10 CVSS · 1 AI score · 0.40258 EPSS
Exploits: 5
OSV
added 2021/09/22 5:15 p.m. · 1 views

CVE-2019-6288

Edgecore ECS2020 Firmware 1.0.0.0 devices allow Unauthenticated Command Injection via the command1 HTTP header to the /EXCUSHELL URI...

9.8 CVSS · 5.8 AI score
Exploits: 0 · References: 2
0day.today
added 2021/09/01 12:0 a.m. · 174 views

Traffic Offense Management System 1.0 - SQL Injection to Remote Code Execution Exploit

Exploit Title: Traffic Offense Management System 1.0 - SQLi to Remote Code Execution RCE Unauthenticated Exploit Author: Tagoletta Tağmaç Software Link: https://www.sourcecodester.com/php/14909/online-traffic-offense-management-system-php-free-source-code.html Version: 1.0 Tested on: Linux import...

0.2 AI score
Exploits: 0
OSV
added 2019/05/13 2:29 p.m. · 0 views

CVE-2018-19988

In the /HNAP1/SetClientInfoDemo message, the AudioMute and AudioEnable parameters are vulnerable, and the vulnerabilities affect D-Link DIR-868L Rev.B 2.05B02 devices. In the SetClientInfoDemo.php source code, the AudioMute and AudioEnble parameters are saved in the ShellPath script file without...

9.8 CVSS · 5.8 AI score · 0.54881 EPSS
Exploits: 1 · References: 1
OSV
added 2019/05/13 2:29 p.m. · 0 views

CVE-2018-19987

D-Link DIR-822 Rev.B 202KRb06, DIR-822 Rev.C 3.10B06, DIR-860L Rev.B 2.03.B03, DIR-868L Rev.B 2.05B02, DIR-880L Rev.A 1.20B0101i3seBETA, and DIR-890L Rev.A 1.21B02BETA devices mishandle IsAccessPoint in /HNAP1/SetAccessPointMode. In the SetAccessPointMode.php source code, the IsAccessPoint...

9.8 CVSS · 5.8 AI score · 0.54881 EPSS
Exploits: 1 · References: 1
Positive Technologies
added 2019/01/07 12:0 a.m. · 4 views

PT-2019-6342 · D Link · Dir-860L +4

Name of the Vulnerable Software and Affected Versions: D-Link DIR-822 versions Rev.B 202KRb06 through Rev.C 3.10B06 D-Link DIR-860L version Rev.B 2.03.B03 D-Link DIR-868L version Rev.B 2.05B02 D-Link DIR-880L version Rev.A 1.20B01 01 i3se BETA D-Link DIR-890L version Rev.A 1.21B02 BETA Descriptio...

10 CVSS · 9.6 AI score · 0.81826 EPSS
Exploits: 2 · References: 5
0day.today
added 2014/09/21 12:0 a.m. · 37 views

Wordpress Theme Strange File Upload / File Deletion

Exploit for php platform in category web applications Exploit Title : Wordpress Theme Strange File Upload / File Deletion Exploit Author : NULLPointer Contact : https://www.facebook.com/xenith.gianni Date : 21/09/2014 Github Mirror :...

7.1 AI score
Exploits: 0
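seebug.org
added 2014/02/13 12:0 a.m. · 62 views

WordPress Kiddo Theme "uploadify.php" Arbitrary File Upload Vulnerability

WordPress Kiddo is a children's theme for WordPress. The /wp-content/themes/kiddo/app/assets/js/uploadify/uploadify.php script in WordPress Kiddo allows files with arbitrary extensions to be uploaded to a folder inside the webroot; if an uploaded file contains a malicious PHP script, this can lead to arbitrary PHP code execution. 0 WordPress Kiddo 1.x The vendor has not yet provided a patch or upgrade; we recommend that users of this software watch the vendor's home page to obtain the latest version:...

7.1 AI score
Exploits: 0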
seebug.org
added 2014/01/17 12:0 a.m. · 24 views

Web eXperts File Upload and SQL Injection Vulnerabilities

No description provided by source. + Author: TUNISIAN CYBER + Exploit Title: Web eXperts FileUpload/SQLi vulnerabilities + Date: 14-01-2014 + Category: WebApp + Google Dork: :intext:"Website Design & Developed By Web eXperts" + Tested on: KaliLinux + Friend's blog: www.na3il.com +Exploit: Web...

7.1 AI score
Exploits: 0
0day.today
added 2013/10/25 12:0 a.m. · 23 views

Avira Internet Security avipbb.sys Filter Bypass and Privilege Escalation

Exploit for php platform in category web applications | Exploit Title: WordPress Area53 theme Arbitrary File Upload Vulnerability | Author: Byakuya | Date:...

7.1 AI score
Exploits: 0
Packet Storm
added 2011/11/17 12:0 a.m. · 32 views

V-CMS 1.0 Shell Upload

Software: V-CMS 1.0 | Vulnerability: Arbitrary Upload | Threat Level: Very Critical 5/5 | Download: http://v-cms.org/ | Discovery Date: 11/13/2011 | Tested On: Window...

7.4 AI score
Exploits: 0
exploitpack
added 2011/04/08 12:0 a.m. · 14 views

PrestaShop 1.3.6 - cms.php Remote File Inclusion

PrestaShop 1.3.6 - cms.php Remote File Inclusion source: https://www.securityfocus.com/bid/47264/info PrestaShop is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to compromise the application...

Exploits: 0
exploitpack
added 2009/12/21 12:0 a.m. · 25 views

Ultimate Uploader 1.3 - Arbitrary File Upload

Ultimate Uploader 1.3 - Arbitrary File Upload | Script Name: Ultimate Uploader 1.3 | Language: php | Vendor: http://www.element-it.com | Author: Master Mind | Home: www.shdowskill.com, www.vbspiders.com...

0.3 AI score
Exploits: 0
0day.today
added 2009/12/21 12:0 a.m. · 19 views

Ultimate Uploader 1.3 Remote File Upload Vulnerability

Exploit for unknown platform in category web applications | Ultimate Uploader 1.3 Remote File Upload Vulnerability...

7.1 AI score
Exploits: 0
Metasploit
added 2009/07/21 12:56 p.m. · 56 views

Unix Command Shell, Bind TCP (via netcat)

Listen for a connection and spawn a command shell via netcat This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = :dynamic include Msf::Payload::Single include...

7.2 AI score
Exploits: 0
Exploit DB
added 2008/11/13 12:0 a.m. · 26 views

ScriptsFeed (SF) Real Estate Classifieds Software - Arbitrary File Upload

ScriptsFeed SF Real Estate Classifieds Software Remote File Upload | Discovered By: ZoRLu Date: 13.11.2008 Home: www.z0rlu.blogspot.com contact: [email protected] NOTE: LONELINESS LOST ITS MEANING IN MY LONELINESS : my bug number now: 39 my...

7.4 AI score
Exploits: 0
Packet Storm
added 2007/01/13 12:0 a.m. · 22 views

MOAB-05-01-2007.rb.txt

!/usr/bin/ruby c 2006 LMH Kevin Finisterre Thanks to The French Connection for bringing this in-the-wild 0-day to our attention. If /tmp/ps2 exists on your system, you've been pwned already. Thanks to the original authors of the exploit 'meow'. You know who you are. "They did it for the lulz" - A...

7.4 AI score
Exploits: 0