Lucene search
K
NucleiRecent

4143 matches found

Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•108 views

IBM WebSphere Java Object Deserialization - Remote Code Execution

IBM Websphere Application Server 7, 8, and 8.5 have a deserialization vulnerability in the SOAP Connector port 8880 by default. id: CVE-2015-7450 info: name: IBM WebSphere Java Object Deserialization - Remote Code Execution author: wdahlenb severity: critical description: IBM Websphere Applicatio...

10CVSS7.1AI score0.97655EPSS
Exploits10References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•60 views

Joomla! Core SQL Injection

A SQL injection vulnerability in Joomla! 3.2 before 3.4.4 allows remote attackers to execute arbitrary SQL commands. id: CVE-2015-7297 info: name: Joomla! Core SQL Injection author: princechaddha severity: high description: A SQL injection vulnerability in Joomla! 3.2 before 3.4.4 allows remote...

7.5CVSS6.5AI score0.99967EPSS
Exploits8References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•191 views

Drupal SQL Injection

The expandArguments function in the database abstraction API in Drupal core 7.x before 7.32 does not properly construct prepared statements, which allows remote attackers to conduct SQL injection attacks via an array containing specially crafted keys. id: CVE-2014-3704 info: name: Drupal SQL...

7.5CVSS7.2AI score0.99974EPSS
Exploits20References7
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•103 views

Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) - Command Injection

A command injection vulnerability in web components of Ivanti Connect Secure 9.x, 22.x and Ivanti Policy Secure 9.x, 22.x allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance. id: CVE-2024-21887 info: name: Ivanti Connect Secure...

9.1CVSS9AI score0.99999EPSS
Exploits23References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•47 views

TeamCity < 2023.11.4 - Authentication Bypass

In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible id: CVE-2024-27199 info: name: TeamCity 2023.11.4 - Authentication Bypass author: DhiyaneshDk severity: high description: | In JetBrains TeamCity before 2023.11.4 path traversal allowing t...

9.8CVSS8.4AI score0.99991EPSS
Exploits25References2
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•138 views

SolarWinds Serv-U - Directory Traversal

SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine. id: CVE-2024-28995 info: name: SolarWinds Serv-U - Directory Traversal author: DhiyaneshDK severity: high description: | SolarWinds Serv-U was susceptibl...

8.6CVSS8.3AI score0.99614EPSS
Exploits8References3
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•34 views

Trend Micro Threat Discovery Appliance 2.6.1062r1 - Authentication Bypass

Trend Micro Threat Discovery Appliance 2.6.1062r1 is vulnerable to a directory traversal vulnerability when processing a sessionid cookie, which allows a remote, unauthenticated attacker to delete arbitrary files as root. This can be used to bypass authentication or cause a DoS. id: CVE-2016-7552...

10CVSS8.4AI score0.93249EPSS
Exploits15References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•171 views

NUUO NVR camera `debugging_center_utils_.php` - Command Execution

debuggingcenterutils.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.7.5 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbitrary PHP code via the log parameter. id: CVE-2016-5674 info: name: NUUO NVR camera debuggingcenterutils.p...

10CVSS9.1AI score0.9461EPSS
Exploits11References2
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•102 views

Apache ActiveMQ Fileserver - Arbitrary File Write

Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request via the Fileserver web application. id: CVE-2016-3088 info: name: Apache ActiveMQ Fileserver - Arbitrary File Write author: fqhsu severity: critical...

9.8CVSS8.8AI score0.98518EPSS
Exploits19References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•41 views

NETGEAR Routers - Remote Code Execution

NETGEAR routers R6250 before 1.0.4.6.Beta, R6400 before 1.0.1.18.Beta, R6700 before 1.0.1.14.Beta, R6900, R7000 before 1.0.7.6.Beta, R7100LG before 1.0.0.28.Beta, R7300DST before 1.0.0.46.Beta, R7900 before 1.0.1.8.Beta, R8000 before 1.0.3.26.Beta, D6220, D6400, D7000, and possibly others allow...

9.3CVSS8.5AI score0.99781EPSS
Exploits9References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•240 views

Ivanti Endpoint Manager Mobile (EPMM) - Authentication Bypass

Ivanti Endpoint Manager Mobile EPMM, formerly MobileIron Core, through 11.10 allows remote attackers to obtain PII, add an administrative account, and change the configuration because of an authentication bypass, as exploited in the wild in July 2023. A patch is available. id: CVE-2023-35078 info...

10CVSS8.8AI score0.99999EPSS
Exploits14References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•83 views

Joomla! Webservice - Password Disclosure

An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints. id: CVE-2023-23752 info: name: Joomla! Webservice - Password Disclosure author: badboycxcc,Sascha Brendel severity: medium description: | An issue was discovered in...

7.5CVSS6.7AI score0.99827EPSS
Exploits43References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•254 views

ManageEngine Desktop Central Java Deserialization

Zoho ManageEngine Desktop Central before 10.0.474 is vulnerable to a deserialization of untrusted data, which permits remote code execution. id: CVE-2020-10189 info: name: ManageEngine Desktop Central Java Deserialization author: king-alexander severity: critical description: | Zoho ManageEngine...

10CVSS9.2AI score0.99941EPSS
Exploits6References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•213 views

D-Link DNS-320 - Unauthenticated Remote Code Execution

D-Link DNS-320 FW v2.06B01 Revision Ax is susceptible to a command injection vulnerability in a systemmgr.cgi component. The component does not successfully sanitize the value of the HTTP parameters fntpserver, which in turn leads to arbitrary command execution. id: CVE-2020-25506 info: name:...

9.8CVSS7.8AI score0.99968EPSS
Exploits2References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•81 views

OpenEMR < 7.0.1 - Cross-Site Scripting

Cross-site Scripting XSS - Reflected in GitHub repository openemr/openemr prior to 7.0.1. id: CVE-2023-2948 info: name: OpenEMR 7.0.1 - Cross-Site Scripting author: ritikchaddha,princechaddha severity: medium description: | Cross-site Scripting XSS - Reflected in GitHub repository openemr/openemr...

8.3CVSS6.9AI score0.96731EPSS
Exploits1References3
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•257 views

Apache OFBiz < 18.12.10 - Arbitrary Code Execution

Pre-auth RCE in Apache Ofbiz 18.12.09. It's due to XML-RPC no longer maintained still present. This issue affects Apache OFBiz: before 18.12.10. id: CVE-2023-49070 info: name: Apache OFBiz 18.12.10 - Arbitrary Code Execution author: your3cho severity: critical description: | Pre-auth RCE in Apach...

9.8CVSS8.7AI score0.95442EPSS
Exploits11References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•174 views

ServiceNow UI Macros - Template Injection

ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and Washington DC Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform. ServiceNow applied an update to hosted...

9.8CVSS8.8AI score0.99976EPSS
Exploits8References4
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•124 views

D-Link Network Attached Storage - Command Injection and Backdoor Account

UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as critical, was found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. Affected is an unknown function of the file /cgi-bin/nassharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument...

9.8CVSS7.2AI score0.99997EPSS
Exploits8References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•160 views

TeamCity < 2023.11.4 - Authentication Bypass

In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible id: CVE-2024-27198 info: name: TeamCity 2023.11.4 - Authentication Bypass author: DhiyaneshDk severity: critical description: | In JetBrains TeamCity before 2023.11.4 authentication bypass...

9.8CVSS8.4AI score0.99991EPSS
Exploits25References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•150 views

Ivanti EPM - Remote Code Execution

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code. id: CVE-2024-29824 info: name: Ivanti EPM - Remote Code Execution author: DhiyaneshDK severity: critical description: | ...

9.6CVSS9.4AI score0.99951EPSS
Exploits5References4
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•110 views

Adobe ColdFusion - Arbitrary File Read

ColdFusion versions 2023.6, 2021.12 and earlier are affected by an Improper Access Control vulnerability that could lead to arbitrary file system read. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access to sensitive files and perform arbitrary...

7.4CVSS8AI score0.98514EPSS
Exploits7References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•442 views

WordPress Automatic Plugin <= 3.92.0 - SQL Injection

The Automatic plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 3.92.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append...

9.9CVSS9.1AI score0.93971EPSS
Exploits16References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•216 views

Ivanti SAML - Server Side Request Forgery (SSRF)

A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure 9.x, 22.x and Ivanti Policy Secure 9.x, 22.x and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication. id: CVE-2024-21893 info: name: Ivanti SAML - Server...

9.1CVSS8.6AI score0.99999EPSS
Exploits19References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•933 views

PHP CGI - Argument Injection

PHP CGI - Argument Injection CVE-2024-4577 is a critical argument injection flaw in PHP. id: CVE-2024-4577 info: name: PHP CGI - Argument Injection author: Hüseyin TINTAŞ,sw0rk17,s4e-io,pdresearch severity: critical description: | PHP CGI - Argument Injection CVE-2024-4577 is a critical argument...

9.8CVSS7.7AI score0.99987EPSS
Exploits64References4
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•772 views

GlobalProtect - OS Command Injection

A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall.Cloud NGFW, Panorama...

10CVSS9.2AI score0.99999EPSS
Exploits43References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•139 views

Webmin <1.990 - Improper Access Control

Webmin before 1.990 is susceptible to improper access control in GitHub repository webmin/webmin. This in turn can lead to remote code execution, by which an attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without enterin...

9CVSS8.2AI score0.96977EPSS
Exploits13References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•134 views

Hikvision - Authentication Bypass

Hikvision DS-2CD2xx2F-I Series V5.2.0 build 140721 to V5.4.0 build 160530, DS-2CD2xx0F-I Series V5.2.0 build 140721 to V5.4.0 Build 160401, DS-2CD2xx2FWD Series V5.3.1 build 150410 to V5.4.4 Build 161125, DS-2CD4x2xFWD Series V5.2.0 build 140721 to V5.4.0 Build 160414, DS-2CD4xx5 Series V5.2.0...

9.8CVSS8.5AI score0.99998EPSS
Exploits12References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•40 views

Joomla! <3.7.1 - SQL Injection

Joomla! before 3.7.1 contains a SQL injection vulnerability. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site. id: CVE-2017-8917 info: name: Joomla! 3.7.1 - SQL Injection...

9.8CVSS8.9AI score0.99826EPSS
Exploits21References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•345 views

Windows Server 2003 & IIS 6.0 - Remote Code Execution

Internet Information Services IIS 6.0 in Microsoft Windows Server 2003 R2 contains a buffer overflow vulnerability in the ScStoragePathFromUrl function in the WebDAV service that could allow remote attackers to execute arbitrary code via a long header beginning with "If http://" in a PROPFIND...

10CVSS9.5AI score0.99823EPSS
Exploits39References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•93 views

PHPUnit - Remote Code Execution

PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a "?php " substring via Util/PHP/eval-stdin.php , as demonstrated by an attack on a site with an exposed /vendor folder, i.e., external access to the...

9.8CVSS8.6AI score0.99999EPSS
Exploits19References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•163 views

DotNetNuke 5.0.0 - 9.3.0 - Cookie Deserialization Remote Code Execution

DotNetNuke DNN versions between 5.0.0 - 9.3.0 are affected by a deserialization vulnerability that leads to remote code execution. id: CVE-2017-9822 info: name: DotNetNuke 5.0.0 - 9.3.0 - Cookie Deserialization Remote Code Execution author: milo2012 severity: high description: DotNetNuke DNN...

8.8CVSS8.4AI score0.94789EPSS
Exploits6References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•27 views

Windows Server Update Service - Insecure Deserialization

Windows Server Update Service contains an insecure deserialization vulnerability caused by deserialization of untrusted data. An unauthorized attacker with network access can exploit this to execute arbitrary code remotely, potentially leading to full system compromise. id: CVE-2025-59287 info:...

9.8CVSS8.9AI score0.99962EPSS
Exploits24References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•44 views

Ivanti Connect Secure - Stack-based Buffer Overflow

Ivanti Connect Secure 22.7R2.5, Ivanti Policy Secure 22.7R1.2, and Ivanti Neurons for ZTA gateways 22.7R2.3 contain a stack-based buffer overflow in the clientCapabilities parameter handling. This vulnerability allows remote unauthenticated attackers to execute arbitrary code through IF-T TLS...

9CVSS8.4AI score0.99971EPSS
Exploits13References4
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•149 views

PhpMyAdmin Scripts - Remote Code Execution

PhpMyAdmin Scripts 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 are susceptible to a remote code execution in setup.php that allows remote attackers to inject arbitrary PHP code into a configuration file via the save action. Combined with the ability to save files on server, this can allow...

9.8CVSS9.5AI score0.95438EPSS
Exploits16References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•66 views

Cisco HyperFlex HX Data Platform - Remote Command Execution

Cisco HyperFlex HX contains multiple vulnerabilities in the web-based management interface that could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device. id: CVE-2021-1498 info: name: Cisco HyperFlex HX Data Platform - Remote Command Executio...

10CVSS8.5AI score0.99999EPSS
Exploits6References7
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•147 views

Apache 2.4.49 - Path Traversal and Remote Code Execution

A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the expected document root. If files outside of the document root are not protected by "require all denied" these requests can succeed...

9.8CVSS8.1AI score0.99992EPSS
Exploits150References6
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•80 views

Apache Log4j2 Remote Code Injection

Apache Log4j2 =2.14.1 JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when...

10CVSS8AI score0.99999EPSS
Exploits354References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•45 views

Microsoft Open Management Infrastructure - Remote Code Execution

Microsoft Open Management Infrastructure is susceptible to remote code execution OMIGOD. id: CVE-2021-38647 info: name: Microsoft Open Management Infrastructure - Remote Code Execution author: daffainfo,xstp severity: critical description: Microsoft Open Management Infrastructure is susceptible t...

9.8CVSS8.2AI score0.99723EPSS
Exploits19References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•159 views

GitLab CE/EE - Remote Code Execution

GitLab CE/EE starting from 11.9 does not properly validate image files that were passed to a file parser, resulting in a remote command execution vulnerability. This template attempts to passively identify vulnerable versions of GitLab without the need for an exploit by matching unique hashes for...

10CVSS8.8AI score0.99731EPSS
Exploits30
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•81 views

VMware vSphere Client (HTML5) - Remote Code Execution

VMware vCenter vSphere Client HTML5 contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. Th...

10CVSS9.6AI score0.9957EPSS
Exploits47References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•265 views

Confluence Server - Remote Code Execution

Confluence Server and Data Center contain an OGNL injection vulnerability that could allow an authenticated user, and in some instances an unauthenticated user, to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are before version 6.13.23, from version...

9.8CVSS8.5AI score0.99999EPSS
Exploits45References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•32 views

Microsoft Exchange - Authentication Bypass

Microsoft Exchange Server Information Disclosure Vulnerability. This vulnerability enables an attacker to bypass authentication and gain access to the Exchange Server's internal. id: CVE-2021-33766 info: name: Microsoft Exchange - Authentication Bypass author: daffainfo severity: high description...

9.8CVSS7.9AI score0.99999EPSS
Exploits65References4
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•101 views

Zoho ManageEngine ServiceDesk Plus - Remote Code Execution

Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and SupportCenter Plus before 11014 are vulnerable to unauthenticated remote code execution. id: CVE-2021-44077 info: name: Zoho ManageEngine ServiceDesk Plus - Remote Code Execution author: Adam Crosser,gy741...

9.8CVSS9.2AI score0.93514EPSS
Exploits6References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•131 views

Apache 2.4.49/2.4.50 - Path Traversal and Remote Code Execution

A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49 and 2.4.50. An attacker could use a path traversal attack to map URLs to files outside the expected document root. If files outside of the document root are not protected by "require all denied" these requests ca...

9.8CVSS8.8AI score0.99964EPSS
Exploits175References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•789 views

Laravel with Ignition <= v8.4.2 Debug Mode - Remote Code Execution

Laravel version 8.4.2 and before with Ignition before 2.5.2 allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of filegetcontents and fileputcontents. This is exploitable on sites using debug mode with Laravel before 8.4.2. id: CVE-2021-3129 info: name:...

9.8CVSS8.6AI score0.99943EPSS
Exploits36References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•194 views

Dahua IPC/VTH/VTO - Authentication Bypass

Some Dahua products contain an authentication bypass during the login process. Attackers can bypass device identity authentication by constructing malicious data packets. id: CVE-2021-33044 info: name: Dahua IPC/VTH/VTO - Authentication Bypass author: gy741 severity: critical description: Some...

10CVSS7.5AI score0.99871EPSS
Exploits12References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•73 views

Liferay Portal Unauthenticated < 7.2.1 CE GA2 - Remote Code Execution

Liferay Portal prior to 7.2.1 CE GA2 allows remote attackers to execute arbitrary code via JSON web services JSONWS. id: CVE-2020-7961 info: name: Liferay Portal Unauthenticated 7.2.1 CE GA2 - Remote Code Execution author: dwisiswant0 severity: critical description: Liferay Portal prior to 7.2.1 ...

9.8CVSS9.3AI score0.99783EPSS
Exploits10References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•28 views

Cisco ISE - Remote Code Execution

A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to execute arbitrary code on the underlying operating system as root. The attacker does not require any valid credentials to exploit this vulnerability. This vulnerability is due to...

10CVSS9.2AI score0.96732EPSS
Exploits10References3
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•92 views

React Server Components - Remote Code Execution

React Server Components 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack contain a remote code execution caused by unsafe deserialization of payloads from HTTP requests to Server Function endpoints, letting...

10CVSS8.7AI score0.99562EPSS
Exploits374References8
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•120 views

Artica Pandora FMS 7.44 - Remote Code Execution

Artica Pandora FMS 7.44 allows remote command execution via the events feature. id: CVE-2020-13851 info: name: Artica Pandora FMS 7.44 - Remote Code Execution author: theamanrawat severity: high description: | Artica Pandora FMS 7.44 allows remote command execution via the events feature. impact:...

9CVSS8.3AI score0.91095EPSS
Exploits4References4
Total number of security vulnerabilities4143