Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
command injection vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-34960
A command injection vulnerability in the wsConvertPpt component of Chamilo v1.11.* up to v1.11.18 allows malicious users to execute arbitrary commands via a SOAP API call with a crafted PowerPoint name.
Chamilo Chamilo
1 Metasploit module
8 Github repositories
10
CVSSv2
CVE-2014-3418
config/userAdmin/login.tdf in Infoblox NetMRI prior to 6.8.5 allows remote malicious users to execute arbitrary commands via shell metacharacters in the skipjackUsername parameter.
Infoblox Netmri 6.8.2.11
Infoblox Netmri 6.1.2
Infoblox Netmri 6.2.1
Infoblox Netmri 6.0.2.42
Infoblox Netmri
Infoblox Netmri 6.2.1.48
1 EDB exploit
1 Github repository
10
CVSSv2
CVE-2021-46422
Telesquare SDT-CW3B1 1.1.0 is affected by an OS command injection vulnerability that allows a remote malicious user to execute OS commands without any authentication.
Telesquare Sdt-cs3b1 Firmware 1.1.0
14 Github repositories
10
CVSSv2
CVE-2016-10043
An issue exists in Radisys MRF Web Panel (SWMS) 9.0.1. The MSM_MACRO_NAME POST parameter in /swms/ms.cgi exists to be vulnerable to OS command injection attacks. It is possible to use the pipe character (|) to inject arbitrary OS commands and retrieve the output in the applicatio...
Mrf Web Panel 9.0.1
1 EDB exploit
6.5
CVSSv2
CVE-2014-4688
pfSense prior to 2.1.4 allows remote authenticated users to execute arbitrary commands via (1) the hostname value to diag_dns.php in a Create Alias action, (2) the smartmonemail value to diag_smart.php, or (3) the database value to status_rrd_graph_img.php.
Netgate Pfsense
1 EDB exploit
1 Github repository
9
CVSSv2
CVE-2010-4278
operation/agentes/networkmap.php in Pandora FMS prior to 3.1.1 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the layout parameter in an operation/agentes/networkmap action to index.php.
Artica Pandora Fms 1.3
Artica Pandora Fms 1.2
Artica Pandora Fms 2.1.1
Artica Pandora Fms
Artica Pandora Fms 3.0
Artica Pandora Fms 2.0
Artica Pandora Fms 1.3.1
Artica Pandora Fms 2.1
Artica Pandora Fms 3.1
1 EDB exploit
7.2
CVSSv2
CVE-2017-6707
A vulnerability in the CLI command-parsing code of the Cisco StarOS operating system for Cisco ASR 5000 Series 11.0 up to and including 21.0, 5500 Series, and 5700 Series devices and Cisco Virtualized Packet Core (VPC) Software could allow an authenticated, local malicious user t...
Cisco Staros 16.0(900)
Cisco Staros 12.2(300)
Cisco Staros 19.3.0
Cisco Staros 14.0(600)
Cisco Staros 20.0.0
Cisco Staros 19.0.m0.61045
Cisco Staros 20.0.m0.63229
Cisco Staros 18.1.0.59776
Cisco Staros 15.0(935)
Cisco Staros 19.1.0.61559
Cisco Staros 17.3.1
Cisco Staros 19.0.1
Cisco Staros 19.0.m0.60737
Cisco Staros 15.0 Base
Cisco Staros 19.0.m0.60828
Cisco Staros 16.1.1
Cisco Staros 15.0(938)
Cisco Staros 16.1.0
Cisco Staros 21.0 M0.64702
Cisco Staros 18.3.0
Cisco Staros 18.0.0.57828
Cisco Staros 17.3.0
9.3
CVSSv2
CVE-2010-4566
The web authentication form in the NT4 authentication component in Citrix Access Gateway Enterprise Edition 9.2-49.8 and previous versions, and the NTLM authentication component in Access Gateway Standard and Advanced Editions before Access Gateway 5.0, allows malicious users to ...
Citrix Access Gateway 8.0
Citrix Access Gateway .8.0
Citrix Access Gateway 8.1-69.4
Citrix Access Gateway 9.0.71.3
Citrix Access Gateway 9.1-104.5
Citrix Access Gateway
Citrix Access Gateway 4.5.7
Citrix Access Gateway 4.6.2
Citrix Access Gateway 4.5
Citrix Access Gateway 4.6.3
Citrix Access Gateway 4.5.5
Citrix Access Gateway 4.5.6
Citrix Access Gateway 4.6.1
2 EDB exploits
10
CVSSv2
CVE-2015-5082
Endian Firewall prior to 3.0 allows remote malicious users to execute arbitrary commands via shell metacharacters in the (1) NEW_PASSWORD_1 or (2) NEW_PASSWORD_2 parameter to cgi-bin/chpasswd.cgi.
Endian Firewall Endian Firewall
3 EDB exploits
10
CVSSv2
CVE-2015-1497
radexecd.exe in Persistent Systems Radia Client Automation (RCA) 7.9, 8.1, 9.0, and 9.1 allows remote malicious users to execute arbitrary commands via a crafted request to TCP port 3465.
Persistent Systems Radia Client Automation 9.0
Persistent Systems Radia Client Automation 7.9
Persistent Systems Radia Client Automation 8.1
Persistent Systems Radia Client Automation 9.1
3 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »