CVE-2026-6257 Vvveb CMS < v1.0.8.2 Remote Code Execution via Media Management

Vvveb CMS v1.0.8.2 contains a remote code execution vulnerability in its media management functionality where a missing return statement in the file rename handler allows authenticated attackers to rename files to blocked extensions .php or .htaccess. Attackers can exploit this logic flaw by firs...

PT-2025-35099

Name of the Vulnerable Software and Affected Versions: Nagios XI versions prior to 2024R1.3.2 Description: Nagios XI is susceptible to remote code execution due to chained flaws: an arbitrary file upload and a path traversal within the Core Config Snapshots interface. Insufficient validation of...

Image Access Scan2Net 安全漏洞

Image Access Scan2Net is a scanning software from Image Access Germany. A security vulnerability exists in Image Access Scan2Net version 7.40 and earlier, version 7.42 and earlier, and version 7.42B and earlier, which originates from a code execution vulnerability that can be remotely exploited i...

The vulnerability of the Artica Proxy proxy server management system, related to the restoration of unreliable data in memory, allows a hacker to execute arbitrary code on behalf of the “www-data” user.

The vulnerability of the Artica Proxy proxy server management system is related to the restoration of unreliable data in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code on behalf of the “www-data” user...

UBUNTU-CVE-2017-6188

Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. Setting multiple upperlimit GET parameters allows overwriting any file accessible to the www-data user...