13538 matches found
WordPress XCloner Backup Plugin Remote Code Execution (CVE-2020-35948)
A remote code execution vulnerability exists in WordPress XCloner Backup plugin. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
DRK Odenwaldkreis Testerfassung Command Injection (CVE-2021-35062)
A command injection vulnerability exists in NETGEAR. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Projectsend Cross Site Scripting
A cross-site scripting vulnerability exists in Projectsend. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...
FUEL CMS SQL Injection (CVE-2021-38727)
A SQL injection vulnerability exists in FUEL CMS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Netgear R6020 Command Injection (CVE-2021-41383)
A command injection vulnerability exists in Netgear R6020. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Simple Water Refilling Station Management System SQL Injection (CVE-2021-38840)
An SQL injection vulnerability exists in Simple Water Refilling Station Management System. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
p0wny Shell Remote Code Execution (CVE-2017-9830; CVE-2018-15139; CVE-2018-19423; CVE-2018-6383; CVE-2020-29607; CVE-2021-24155; CVE-2021-24347)
p0wny Shell is a PHP shell. An attacker might use this shell to execute arbitrary code on the affected system...
Apache HTTP Server Server-Side Request Forgery (CVE-2021-40438)
A Server Side Request Forgery vulnerability exists in Apache HTTP Server. A remote attacker may exploit this issue by making a specially crafted HTTP request. Successful exploitation would allow attackers to create HTTP requests on behalf of the vulnerable server...
HomeMatic Remote Code Execution (CVE-2021-33032)
A remote code execution vulnerability exists in Homematic. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft SharePoint Server Remote Code Execution (CVE-2021-40487)
A remote code execution vulnerability exists in Microsoft SharePoint. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Win32k Elevation of Privilege (CVE-2021-40449)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Win32k Elevation of Privilege (CVE-2021-41357)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Win32k Elevation of Privilege (CVE-2021-40450)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Acrobat and Reader Out-of-bounds Write (APSB21-104: CVE-2021-40731)
An out of bounds write vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...
Adobe Acrobat and Reader Use After Free (APSB21-104: CVE-2021-40728)
A use-after-free vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows Common Log File System Driver Elevation of Privilege (CVE-2021-40466)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft DirectX Graphics Kernel Elevation of Privilege (CVE-2021-40470)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows Common Log File System Driver Elevation of Privilege (CVE-2021-40467)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows Common Log File System Driver Elevation of Privilege (CVE-2021-40443)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Acrobat and Reader Out-of-bounds Read (APSB21-104: CVE-2021-40729)
An out of bounds read vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...
Strapi Remote Code Execution (CVE-2019-19609)
A remote code execution vulnerability exists in Strapi framework. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Pear Admin Think Arbitrary File Upload (CVE-2021-29377)
An arbitrary file upload vulnerability exists in Pear Admin Think. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
WordPress Support Board Plugin SQL Injection (CVE-2021-24741)
An SQL injection vulnerability exists in Support Board WordPress plugin before 3.3.4. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
ShowDoc Unrestricted File Upload (CVE-2021-36440)
An unrestricted file upload vulnerability exists in ShowDoc. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Nascent RemKon Device Manager Remote Code Execution (CVE-2021-38613; CVE-2021-38611)
A remote code execution vulnerability exists in Nascent RemKon Device Manager. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Apache HTTP Server Directory Traversal (CVE-2021-41773; CVE-2021-42013)
A directory traversal vulnerability exists in Apache HTTP Server. Successful exploitation of this vulnerability could allow an attacker to access arbitrary files on the affected system...
Eyoucms Server Side Request Forgery (CVE-2021-39497)
A sever-side request forgery vulnerability exists in Eyoucms. The vulnerability is due to a lack of validation on the subdomain parameter in HTTP requests. Successful exploitation of this vulnerability could allow an unauthenticated attacker to make a request to any internal and external server...
Trend Micro Smart Protection Server Directory Traversal (CVE-2016-6269)
A directory traversal vulnerability exists in Trend Micro Smart Protection Server. Successful exploitation of this vulnerability could allow an attacker to access arbitrary files on the affected system...
Ubiquiti Multiple Products Arbitrary File Upload (CVE-2015-9266)
An arbitrary file upload vulnerability exists in multiple Ubiquiti Products. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Nuance Winscribe Dictation SQL Injection (CVE-2021-37599)
An SQL injection vulnerability exists in Nuance Winscribe Dictation. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
HP OfficeJet Cross Site Scripting
A stored cross-site scripting vulnerability exists in HP OfficeJet. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...
Sunhillo SureLine Command Injection (CVE-2021-36380)
A command injection vulnerability exists in Sunhillo SureLine. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
J2eeFAST SQL Injection (CVE-2021-28890)
An SQL injection vulnerability exists in J2eeFAST. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
F5 BIG-IQ Command Injection (CVE-2021-23024)
A command injection vulnerability exists in F5 BIG-IQ. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Sourcecodester Sales Management System Arbitrary File Upload (CVE-2021-36623)
An arbitrary file upload vulnerability exists in Sourcecodester Sales Management System. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Trend Micro Password Manager Command Injection (CVE-2016-3987)
A command injection vulnerability exists in Trend Micro Password Manager. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Eaton Network Shutdown Module Code Injection
A code injection vulnerability exists in Eaton. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Symantec Web Gateway Local File Inclusion (CVE-2012-2957)
A local file inclusion vulnerability exists in Symantec Web Gateway. Successful exploitation of this vulnerability could allow a remote attacker to damage user systems...
Moxa Multiple Products Command Injection (CVE-2021-39279)
A command injection vulnerability exists in Multiple Moxa Products. Successful exploitation of this vulnerability could allow a remote, authenticated attacker to execute arbitrary commands on the affected system...
Web Servers Directory Traversal Evasion Attempt
A directory traversal vulnerability exists multiple web servers. The vulnerability is due to an input validation error in the web server that does not properly sanitize directory traversal patterns. Successful exploitation of this vulnerability could allow an attacker to access arbitrary files on...
Dell EMC OpenManage Server Administrator Authentication Bypass (CVE-2021-21513)
An authentication bypass vulnerability exists in Dell EMC OpenManage Server Administrator. Successful exploitation of this vulnerability would allow remote attackers to gain unauthorized access into the affected system...
Eaton IPM Arbitrary File Deletion (CVE-2021-23278)
An arbitrary file deletion vulnerability exists in Eaton Intelligent Power Management and Eaton Intelligent Power Protector. The vulnerability is due to missing input validation in mapssrv.js and nodeupgradesrv.js...
PHP Session Upload Progress Remote Code Execution
A remote code execution vulnerability exists in PHP PHPSESSIONUPLOADPROGRESS session. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Ampache Cross Site Scripting (CVE-2021-32644)
A cross site scripting vulnerability exists in Ampache. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system...
LG Network Attached Storage Command Injection (CVE-2021-38306)
A command injection vulnerability exists in LG Network Attached Storage. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
RaspAP Command Injection (CVE-2021-38556)
A command injection vulnerability exists in RaspAP. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
WordPress ProfilePress Plugin Privilege Escalation (CVE-2021-34621)
A privilege escalation exists in WordPress ProfilePress plugin. Successful exploitation of this vulnerability would allow a remote attacker to gain unauthorized access to the affected system...
Seacms Remote Code Execution (CVE-2021-37358)
A remote code execution vulnerability exists in Seacms. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
TP-Link Multiple Products Remote Code Execution (CVE-2020-35575)
A remote code execution vulnerability exists in Multiple TP-Link Products. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Google Chrome Heap Corruption (CVE-2021-21225)
A heap corruption vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...