Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
arbitrary code vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2018-7046
Arbitrary code execution vulnerability in Kentico 9 through 11 allows remote authenticated users to execute arbitrary operating system commands in a dynamic .NET code evaluation context via C# code in a "Pages -> Edit -> Template -> Edit template properties -> La...
Kentico Kentico Cms
8.8
CVSSv3
CVE-2023-31874
Yank Note (YN) 3.52.1 allows execution of arbitrary code when a crafted file is opened, e.g., via nodeRequire('child_process').
Yank-note Yank Note 3.52.1
NA
CVE-2008-6619
Unrestricted file upload vulnerability in class/ApplyDB.php in ClassSystem 2.3 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in class/UploadHomepage/.
Netlab Classsystem 2.3
1 EDB exploit
NA
CVE-2011-2745
upload_handler.php in the swfupload extension in Chyrp 2.0 and previous versions relies on client-side JavaScript code to restrict the file extensions of uploaded files, which allows remote authenticated users to upload a .php file, and consequently execute arbitrary PHP code, vi...
Chyrp Chyrp
1 EDB exploit
7.8
CVSSv3
CVE-2019-1605
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, local malicious user to execute arbitrary code as root. The vulnerability is due to incorrect input validation in the NX-API feature. An attacker could exploit this vulnerability by sendin...
Cisco Nx-os
8.8
CVSSv3
CVE-2013-3629
ISPConfig 3.0.5.2 has Arbitrary PHP Code Execution
Ispconfig Ispconfig 3.0.5.2
1 EDB exploit
NA
CVE-2013-4495
The send_the_mail function in server/svr_mail.c in Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) prior to 4.2.6 allows remote malicious users to execute arbitrary commands via shell metacharacters in the email (-M switch) to qsub.
Adaptivecomputing Torque Resource Manager 3.0.3
Adaptivecomputing Torque Resource Manager 2.4.4
Adaptivecomputing Torque Resource Manager 4.2.3
Adaptivecomputing Torque Resource Manager 2.5.5
Adaptivecomputing Torque Resource Manager 2.5.6
Adaptivecomputing Torque Resource Manager 4.2.2
Adaptivecomputing Torque Resource Manager 2.1.3
Adaptivecomputing Torque Resource Manager 2.4.16
Adaptivecomputing Torque Resource Manager 3.0.4
Adaptivecomputing Torque Resource Manager 2.4.17
Adaptivecomputing Torque Resource Manager 2.3.5
Adaptivecomputing Torque Resource Manager 2.3.9
Adaptivecomputing Torque Resource Manager 2.5.2
Adaptivecomputing Torque Resource Manager 3.0.0
Adaptivecomputing Torque Resource Manager 2.3.6
Adaptivecomputing Torque Resource Manager 2.5.0
Adaptivecomputing Torque Resource Manager 4.1.7
Adaptivecomputing Torque Resource Manager 4.2.4.1
Adaptivecomputing Torque Resource Manager 2.4.13
Adaptivecomputing Torque Resource Manager 2.3.11
Adaptivecomputing Torque Resource Manager 2.4.5
Adaptivecomputing Torque Resource Manager 2.5.4
NA
CVE-2002-0688
ZCatalog plug-in index support capability for Zope 2.4.0 up to and including 2.5.1 allows anonymous users and untrusted code to bypass access restrictions and call arbitrary methods of catalog indexes.
Zope Zope 2.4.0
Zope Zope 2.5.1
NA
CVE-2003-0372
Signed integer vulnerability in libnasl in Nessus prior to 2.0.6 allows local users with plugin upload privileges to cause a denial of service (core dump) and possibly execute arbitrary code by causing a negative argument to be provided to the insstr function as used in a NASL sc...
Nessus Nessus
1 EDB exploit
NA
CVE-2008-2960
Cross-site scripting (XSS) vulnerability in phpMyAdmin prior to 2.11.7, when register_globals is enabled and .htaccess support is disabled, allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors involving scripts in libraries/.
Phpmyadmin Phpmyadmin 2.10.3rc1
Phpmyadmin Phpmyadmin 2.11.4
Phpmyadmin Phpmyadmin 2.11.0rc1
Phpmyadmin Phpmyadmin 2.11.1.2
Phpmyadmin Phpmyadmin 2.11.5.1
Phpmyadmin Phpmyadmin 2.11.3rc1
Phpmyadmin Phpmyadmin 2.11.1
Phpmyadmin Phpmyadmin 2.10.0.1
Phpmyadmin Phpmyadmin 2.11.6rc1
Phpmyadmin Phpmyadmin 2.10.2
Phpmyadmin Phpmyadmin 2.11.1rc1
Phpmyadmin Phpmyadmin 2.10.0.2
Phpmyadmin Phpmyadmin 2.10.3
Phpmyadmin Phpmyadmin 2.11.2
Phpmyadmin Phpmyadmin 2.11.5
Phpmyadmin Phpmyadmin 2.11.5.2
Phpmyadmin Phpmyadmin 2.11.2.2
Phpmyadmin Phpmyadmin 2.11.4rc1
Phpmyadmin Phpmyadmin 2.11.5rc1
Phpmyadmin Phpmyadmin 2.11.3
Phpmyadmin Phpmyadmin 2.11.2.1
Phpmyadmin Phpmyadmin 2.10.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »