31274 matches found
CVE-2021-47900 Gila CMS < 2.0.0 - Remote Code Execution
Gila CMS versions prior to 2.0.0 contain a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands through manipulated HTTP headers. Attackers can inject PHP code in the User-Agent header with shellexec to run system commands by sending craft...
CVE-2021-47900
Gila CMS
EUVD-2021-34749
Gila CMS versions prior to 2.0.0 contain a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands through manipulated HTTP headers. Attackers can inject PHP code in the User-Agent header with shellexec to run system commands by sending craft...
CVE-2021-47900 Gila CMS < 2.0.0 - Remote Code Execution
Gila CMS versions prior to 2.0.0 contain a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands through manipulated HTTP headers. Attackers can inject PHP code in the User-Agent header with shellexec to run system commands by sending craft...
CVE-2020-36942 Victor CMS 1.0 - File Upload To RCE
Victor CMS 1.0 contains a file upload vulnerability that allows authenticated users to upload malicious PHP files through the profile image upload feature. Attackers can upload a PHP shell to the /img directory and execute system commands by accessing the uploaded file via web browser...
CVE-2020-36942
Victor CMS 1.0 contains a file upload vulnerability that allows authenticated users to upload malicious PHP files through the profile image upload feature. Attackers can upload a PHP shell to the /img directory and execute system commands by accessing the uploaded file via web browser...
EUVD-2020-30860
Victor CMS 1.0 contains a file upload vulnerability that allows authenticated users to upload malicious PHP files through the profile image upload feature. Attackers can upload a PHP shell to the /img directory and execute system commands by accessing the uploaded file via web browser...
CVE-2020-36942
CVE-2020-36942 affects Victor CMS 1.0: authenticated users can upload PHP files via the profile image upload, enabling a PHP shell in the /img directory and browser-based command execution. The entry notes high impact to confidentiality, integrity, and availability. The documents do not provide a...
GHSA-M855-R557-5RC5 Dozzle Agent Label-Based Access Control Bypass Allows Unauthorized Container Shell Access
Summary A flaw in Dozzle’s agent-backed shell endpoints allows a user restricted by label filters for example, label=env=dev to obtain an interactive root shell in out‑of‑scope containers for example, env=prod on the same agent host by directly targeting their container IDs. Note: Tested on v9.0....
Authorization Bypass Through User-Controlled Key
Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the FindContainer function. An attacker can gain unauthorized interactive shell access to containers outside their permitted label scope by directly targeting container IDs through th...
Dozzle Agent Label-Based Access Control Bypass Allows Unauthorized Container Shell Access
Summary A flaw in Dozzle’s agent-backed shell endpoints allows a user restricted by label filters for example, label=env=dev to obtain an interactive root shell in out‑of‑scope containers for example, env=prod on the same agent host by directly targeting their container IDs. Note: Tested on v9.0....
SUSE CVE-2026-23520
Arcane provides modern docker management. Prior to 1.13.0, Arcane has a command injection in the updater service. Arcane's updater service supported lifecycle labels com.getarcaneapp.arcane.lifecycle.pre-update and com.getarcaneapp.arcane.lifecycle.post-update that allowed defining a command to r...
PT-2026-4931
Gila CMS versions prior to 2.0.0 contain a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands through manipulated HTTP headers. Attackers can inject PHP code in the User-Agent header with shell exec to run system commands by sending...
SSH Key Persistence
This Metasploit module will add an SSH key to a specified user or all, to allow remote login via SSH at any time. No payload is required for this module to work. If an SSH key is not provided, a new 4096 bit RSA keypair will be generated. The private key will be stored as loot for later use...
Dozzle security vulnerability
Dozzle is a small, lightweight application developed by Amir Raminfar as an individual developer. Versions of Dozzle prior to 9.0.3 contained security vulnerabilities. These vulnerabilities stemmed from defects in the Shell endpoints supported by the proxy, which could allow users to obtain...
PT-2026-4859
Name of the Vulnerable Software and Affected Versions Dozzle versions prior to 9.0.3 Description A flaw in Dozzle’s agent-backed shell endpoints allows a user restricted by label filters to obtain an interactive root shell in out‑of‑scope containers on the same agent host by directly targeting...
📄 Ivanti Connect Secure 9.x / 22.x Command Injection
The provided PHP script targets CVE‑2024‑21887, a command injection vulnerability in Ivanti Connect Secure versions 9.x and 22.x It is designed to identify and exploit vulnerable systems through a crafted API request. It initializes a reusable cURL session to send malicious JSON payloads to a...
Information disclosure in Brocade Fabric OS before 9.2.1c2, 9.2.2 through 9.2.2a and 10.0.0 (CVE-2026-0383)
A vulnerability in Brocade Fabric OS could allow an authenticated, local attacker with privileges to access the Bash shell to access insecurely stored file contents including the history command...
A malicious rsh server can overwrite arbitrary files in a directory on the rcp client machine
An issue was discovered in rcp in NetKit through 0.17. For an rcp operation, the server chooses which files/directories are sent to the client. However, the rcp client only performs cursory validation of the object name returned. A malicious rsh server or Man-in-The-Middle attacker can overwrite...
Directory transversal vulnerability in Brocade Fabric OS before 9.2.1c2 and 9.2.2 through 9.2.2a using various shell commands (CVE-2025-58381)
A vulnerability in Brocade Fabric OS before 9.2.1c2 could allow an authenticated attacker with admin privileges using the shell commands “source, ping6, sleep, disown, wait to modify the path variables and move upwards in the directory structure or to traverse to different directories...