Lucene search
K

31274 matches found

Cvelist
Cvelist
added 2026/01/27 3:23 p.m.20 views

CVE-2021-47900 Gila CMS < 2.0.0 - Remote Code Execution

Gila CMS versions prior to 2.0.0 contain a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands through manipulated HTTP headers. Attackers can inject PHP code in the User-Agent header with shellexec to run system commands by sending craft...

9.8CVSS0.00602EPSS
Exploits0References4
CVE
CVE
added 2026/01/27 3:23 p.m.7 views

CVE-2021-47900

Gila CMS

9.8CVSS6.7AI score0.00602EPSS
Exploits0References4
EUVD
EUVD
added 2026/01/27 3:23 p.m.8 views

EUVD-2021-34749

Gila CMS versions prior to 2.0.0 contain a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands through manipulated HTTP headers. Attackers can inject PHP code in the User-Agent header with shellexec to run system commands by sending craft...

9.8CVSS6.7AI score0.00602EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/01/27 3:23 p.m.4 views

CVE-2021-47900 Gila CMS < 2.0.0 - Remote Code Execution

Gila CMS versions prior to 2.0.0 contain a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands through manipulated HTTP headers. Attackers can inject PHP code in the User-Agent header with shellexec to run system commands by sending craft...

9.8CVSS6.7AI score0.00602EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/01/27 3:23 p.m.23 views

CVE-2020-36942 Victor CMS 1.0 - File Upload To RCE

Victor CMS 1.0 contains a file upload vulnerability that allows authenticated users to upload malicious PHP files through the profile image upload feature. Attackers can upload a PHP shell to the /img directory and execute system commands by accessing the uploaded file via web browser...

8.8CVSS0.00611EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/01/27 3:23 p.m.5 views

CVE-2020-36942

Victor CMS 1.0 contains a file upload vulnerability that allows authenticated users to upload malicious PHP files through the profile image upload feature. Attackers can upload a PHP shell to the /img directory and execute system commands by accessing the uploaded file via web browser...

8.8CVSS6AI score0.00611EPSS
Exploits1References3Affected Software1
EUVD
EUVD
added 2026/01/27 3:23 p.m.7 views

EUVD-2020-30860

Victor CMS 1.0 contains a file upload vulnerability that allows authenticated users to upload malicious PHP files through the profile image upload feature. Attackers can upload a PHP shell to the /img directory and execute system commands by accessing the uploaded file via web browser...

8.8CVSS6AI score0.00611EPSS
Exploits1References3
CVE
CVE
added 2026/01/27 3:23 p.m.13 views

CVE-2020-36942

CVE-2020-36942 affects Victor CMS 1.0: authenticated users can upload PHP files via the profile image upload, enabling a PHP shell in the /img directory and browser-based command execution. The entry notes high impact to confidentiality, integrity, and availability. The documents do not provide a...

8.8CVSS6AI score0.00611EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2026/01/27 12:55 a.m.8 views

GHSA-M855-R557-5RC5 Dozzle Agent Label-Based Access Control Bypass Allows Unauthorized Container Shell Access

Summary A flaw in Dozzle’s agent-backed shell endpoints allows a user restricted by label filters for example, label=env=dev to obtain an interactive root shell in out‑of‑scope containers for example, env=prod on the same agent host by directly targeting their container IDs. Note: Tested on v9.0....

8.7CVSS5.8AI score0.00385EPSS
Exploits1References5
Snyk
Snyk
added 2026/01/27 12:55 a.m.5 views

Authorization Bypass Through User-Controlled Key

Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the FindContainer function. An attacker can gain unauthorized interactive shell access to containers outside their permitted label scope by directly targeting container IDs through th...

9.9CVSS5.9AI score0.00385EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2026/01/27 12:55 a.m.18 views

Dozzle Agent Label-Based Access Control Bypass Allows Unauthorized Container Shell Access

Summary A flaw in Dozzle’s agent-backed shell endpoints allows a user restricted by label filters for example, label=env=dev to obtain an interactive root shell in out‑of‑scope containers for example, env=prod on the same agent host by directly targeting their container IDs. Note: Tested on v9.0....

9.9CVSS5.8AI score0.00385EPSS
Exploits1References5Affected Software1
SUSE CVE
SUSE CVE
added 2026/01/27 12:26 a.m.12 views

SUSE CVE-2026-23520

Arcane provides modern docker management. Prior to 1.13.0, Arcane has a command injection in the updater service. Arcane's updater service supported lifecycle labels com.getarcaneapp.arcane.lifecycle.pre-update and com.getarcaneapp.arcane.lifecycle.post-update that allowed defining a command to r...

9CVSS5.9AI score0.01643EPSS
Exploits6References2
Positive Technologies
Positive Technologies
added 2026/01/27 12:0 a.m.7 views

PT-2026-4931

Gila CMS versions prior to 2.0.0 contain a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands through manipulated HTTP headers. Attackers can inject PHP code in the User-Agent header with shell exec to run system commands by sending...

9.8CVSS6.7AI score0.00602EPSS
Exploits0References5
Packet Storm News
Packet Storm News
added 2026/01/27 12:0 a.m.5 views

SSH Key Persistence

This Metasploit module will add an SSH key to a specified user or all, to allow remote login via SSH at any time. No payload is required for this module to work. If an SSH key is not provided, a new 4096 bit RSA keypair will be generated. The private key will be stored as loot for later use...

5.9AI score
Exploits0
CNNVD
CNNVD
added 2026/01/27 12:0 a.m.5 views

Dozzle security vulnerability

Dozzle is a small, lightweight application developed by Amir Raminfar as an individual developer. Versions of Dozzle prior to 9.0.3 contained security vulnerabilities. These vulnerabilities stemmed from defects in the Shell endpoints supported by the proxy, which could allow users to obtain...

9.9CVSS5.8AI score0.00385EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/01/27 12:0 a.m.10 views

PT-2026-4859

Name of the Vulnerable Software and Affected Versions Dozzle versions prior to 9.0.3 Description A flaw in Dozzle’s agent-backed shell endpoints allows a user restricted by label filters to obtain an interactive root shell in out‑of‑scope containers on the same agent host by directly targeting...

8.7CVSS5.9AI score0.00385EPSS
Exploits1References12
Packet Storm
Packet Storm
added 2026/01/27 12:0 a.m.166 views

📄 Ivanti Connect Secure 9.x / 22.x Command Injection

The provided PHP script targets CVE‑2024‑21887, a command injection vulnerability in Ivanti Connect Secure versions 9.x and 22.x It is designed to identify and exploit vulnerable systems through a crafted API request. It initializes a reusable cURL session to send malicious JSON payloads to a...

9.1CVSS5.9AI score0.99999EPSS
Exploits18
Broadcom
Broadcom
added 2026/01/27 12:0 a.m.16 views

Information disclosure in Brocade Fabric OS before 9.2.1c2, 9.2.2 through 9.2.2a and 10.0.0 (CVE-2026-0383)

A vulnerability in Brocade Fabric OS could allow an authenticated, local attacker with privileges to access the Bash shell to access insecurely stored file contents including the history command...

8.2CVSS5.9AI score0.00198EPSS
Exploits0Affected Software1
Broadcom
Broadcom
added 2026/01/27 12:0 a.m.19 views

A malicious rsh server can overwrite arbitrary files in a directory on the rcp client machine

An issue was discovered in rcp in NetKit through 0.17. For an rcp operation, the server chooses which files/directories are sent to the client. However, the rcp client only performs cursory validation of the object name returned. A malicious rsh server or Man-in-The-Middle attacker can overwrite...

7.4CVSS7.4AI score0.58204EPSS
Exploits9
Broadcom
Broadcom
added 2026/01/27 12:0 a.m.16 views

Directory transversal vulnerability in Brocade Fabric OS before 9.2.1c2 and 9.2.2 through 9.2.2a using various shell commands (CVE-2025-58381)

A vulnerability in Brocade Fabric OS before 9.2.1c2 could allow an authenticated attacker with admin privileges using the shell commands “source, ping6, sleep, disown, wait to modify the path variables and move upwards in the directory structure or to traverse to different directories...

4.6CVSS5.9AI score0.00179EPSS
Exploits0
Rows per page
Query Builder