CVE-2025-66620

An unused webshell in MicroServer allows unlimited login attempts, with sudo rights on certain files and directories. An attacker with admin access to MicroServer can gain limited shell access, enabling persistence through reverse shells, and the ability to modify or remove data stored in the fil...

CVE-2025-66620

CVE-2025-66620 concerns Columbia Weather Systems MicroServer. Reports describe an unused webshell that allows unlimited login attempts and sudo rights on select files/directories. An attacker with admin access can gain a limited shell, enable persistence (reverse shells), and modify or remove fil...

CVE-2025-66620 Columbia Weather Systems MicroServer Command Shell in Externally Accessible Directory

An unused webshell in MicroServer allows unlimited login attempts, with sudo rights on certain files and directories. An attacker with admin access to MicroServer can gain limited shell access, enabling persistence through reverse shells, and the ability to modify or remove data stored in the fil...

CVE-2025-66620 Columbia Weather Systems MicroServer Command Shell in Externally Accessible Directory

An unused webshell in MicroServer allows unlimited login attempts, with sudo rights on certain files and directories. An attacker with admin access to MicroServer can gain limited shell access, enabling persistence through reverse shells, and the ability to modify or remove data stored in the fil...

CVE-2019-12803

In Hunesion i-oneNet version 3.0.7 3.0.53 and 4.0.4 4.0.16, the specific upload web module doesn't verify the file extension and type, and an attacker can upload a webshell. After the webshell upload, an attacker can use the webshell to perform remote code exection such as running a system comman...

Columbia Weather Systems MicroServer 安全漏洞

Columbia Weather Systems MicroServer is a weather data server from Columbia Weather Systems, USA. A security vulnerability exists in Columbia Weather Systems MicroServer that stems from an unused webshell that allows unlimited login attempts, which could result in limited shell access being gaine...

PT-2026-1859

Name of the Vulnerable Software and Affected Versions MicroServer affected versions not specified Description An unused webshell in MicroServer allows unlimited login attempts, with sudo rights on certain files and directories. An attacker with admin access to MicroServer can gain limited shell...

Quanta QOCA aim AI Medical Cloud Platform 代码问题漏洞

Quanta QOCA aim AI Medical Cloud Platform is an artificial intelligence AI medical cloud computing integration platform from Quanta, a Taiwan, China-based company that provides comprehensive AI model development tools covering the entire process from AI development to clinical applications. The...

Exploit for CVE-2025-52691

CVE‑2025‑52691 – SmarterMail Arbitrary File Upload Vulnerabili...

CVE-2025-57460

File upload vulnerability in machsol machpanel 8.0.32 allows attacker to gain a webshell...

EUVD-2025-205584

File upload vulnerability in machsol machpanel 8.0.32 allows attacker to gain a webshell...

CVE-2025-57460

File upload vulnerability in machsol machpanel 8.0.32 allows attacker to gain a webshell...

CVE-2025-57460

File upload vulnerability in machsol machpanel 8.0.32 allows attacker to gain a webshell...

CVE-2025-57460

File upload vulnerability in machsol machpanel 8.0.32 allows attacker to gain a webshell...

MachSol MachPanel 安全漏洞

MachSol MachPanel is a cloud automation control panel and billing platform from US-based MachSol. A security vulnerability exists in MachSol MachPanel version 8.0.32, which stems from a flaw in the file upload functionality that could lead to the acquisition of a webshell...

CVE-2025-57460

File upload vulnerability in machsol machpanel 8.0.32 allows attacker to gain a webshell...

CVE-2025-57460

MachSol MachPanel 8.0.32 is affected by a file upload vulnerability that enables an attacker to gain a webshell. The Red Hat, ENISA, NVD, CNNVD, CVE records concur on the issue being a file upload flaw in MachPanel 8.0.32, with high impact (C/H/I/A) and network access. Root cause is described as ...

PT-2025-53721

Name of the Vulnerable Software and Affected Versions machsol machpanel version 8.0.32 Description A file upload issue exists in machsol machpanel version 8.0.32 that could allow an attacker to gain a webshell. The vulnerability involves the ability to upload malicious files, potentially leading ...

📄 Adobe Commerce Insecure Deserialization

This flaw in Magento 2 / Adobe Commerce 2.4.x enables remote attackers to manipulate internal session handling paths and abuse PHP object chains Guzzle FileCookieJar gadget to achieve arbitrary file write, leading to remote code execution...

Linux Distros Unpatched Vulnerability : CVE-2025-67436

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Authenticated Remote Code Execution RCE in PluXml CMS 5.8.22 allows an attacker with administrator panel access to inject a malicious PHP webshell into a theme...