Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2026/02/28 1:54 a.m.5 views

CVE-2026-20742

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into requests sent to the templates route...

8.8CVSS6.6AI score0.01489EPSS
Exploits0References1
EUVD
EUVD
added 2026/02/27 3:30 a.m.6 views

EUVD-2026-8943

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into requests sent to the templates route...

8.8CVSS6.3AI score0.01489EPSS
Exploits0References4
NVD
NVD
added 2026/02/27 1:16 a.m.5 views

CVE-2026-20742

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into requests sent to the templates route...

8.8CVSS0.01489EPSS
Exploits0References3
OSV
OSV
added 2026/02/27 1:16 a.m.4 views

CVE-2026-20742

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into requests sent to the templates route...

8.8CVSS6.5AI score0.01489EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/02/27 12:42 a.m.2 views

CVE-2026-20742

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into requests sent to the templates route...

8.8CVSS6.4AI score0.01489EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/02/27 12:42 a.m.25 views

CVE-2026-20742 Copeland XWEB and XWEB Pro OS Command Injection

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into requests sent to the templates route...

8CVSS0.01489EPSS
Exploits0References3
CVE
CVE
added 2026/02/27 12:42 a.m.14 views

CVE-2026-20742

CVE-2026-20742 is an OS command injection affecting XWEB Pro prior to 1.12.1. An authenticated attacker can trigger remote code execution by sending crafted input to the templates route. Affected product is XWEB Pro (Copeland XWEB family) with confirmed exposure in versions before 1.12.1. CVSS me...

8.8CVSS6.3AI score0.01489EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/27 12:0 a.m.6 views

PT-2026-22249

Name of the Vulnerable Software and Affected Versions XWEB Pro versions prior to 1.12.1 Description A flaw exists that allows a logged-in attacker to execute code remotely on a system. This is achieved by injecting malicious input into requests sent to the /templates route. The issue is an OS...

8.8CVSS6.1AI score0.01489EPSS
Exploits0References9
Rows per page
Query Builder