Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
command injection vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2014-3418
config/userAdmin/login.tdf in Infoblox NetMRI prior to 6.8.5 allows remote malicious users to execute arbitrary commands via shell metacharacters in the skipjackUsername parameter.
Infoblox Netmri 6.1.2
Infoblox Netmri 6.0.2.42
Infoblox Netmri 6.8.2.11
Infoblox Netmri
Infoblox Netmri 6.2.1.48
Infoblox Netmri 6.2.1
1 EDB exploit
1 Github repository
9
CVSSv2
CVE-2010-4278
operation/agentes/networkmap.php in Pandora FMS prior to 3.1.1 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the layout parameter in an operation/agentes/networkmap action to index.php.
Artica Pandora Fms 3.1
Artica Pandora Fms 3.0
Artica Pandora Fms 2.0
Artica Pandora Fms 2.1.1
Artica Pandora Fms 1.3.1
Artica Pandora Fms 1.3
Artica Pandora Fms 2.1
Artica Pandora Fms 1.2
Artica Pandora Fms
1 EDB exploit
9
CVSSv2
CVE-2015-6298
The admin web interface in Cisco AsyncOS 8.x prior to 8.0.8-113, 8.1.x and 8.5.x prior to 8.5.3-051, 8.6.x and 8.7.x prior to 8.7.0-171-LD, and 8.8.x prior to 8.8.0-085 on Web Security Appliance (WSA) devices allows remote authenticated users to obtain root privileges via crafted...
Cisco Web Security Appliance 8.5.0-497
9.3
CVSSv2
CVE-2010-4566
The web authentication form in the NT4 authentication component in Citrix Access Gateway Enterprise Edition 9.2-49.8 and previous versions, and the NTLM authentication component in Access Gateway Standard and Advanced Editions before Access Gateway 5.0, allows malicious users to ...
Citrix Access Gateway 9.1-104.5
Citrix Access Gateway 8.1-69.4
Citrix Access Gateway 9.0.71.3
Citrix Access Gateway 8.0
Citrix Access Gateway
Citrix Access Gateway .8.0
Citrix Access Gateway 4.5.5
Citrix Access Gateway 4.5.6
Citrix Access Gateway 4.6.2
Citrix Access Gateway 4.6.3
Citrix Access Gateway 4.5.7
Citrix Access Gateway 4.5
Citrix Access Gateway 4.6.1
2 EDB exploits
10
CVSSv2
CVE-2015-1497
radexecd.exe in Persistent Systems Radia Client Automation (RCA) 7.9, 8.1, 9.0, and 9.1 allows remote malicious users to execute arbitrary commands via a crafted request to TCP port 3465.
Persistent Systems Radia Client Automation 7.9
Persistent Systems Radia Client Automation 8.1
Persistent Systems Radia Client Automation 9.0
Persistent Systems Radia Client Automation 9.1
3 EDB exploits
10
CVSSv2
CVE-2015-5082
Endian Firewall prior to 3.0 allows remote malicious users to execute arbitrary commands via shell metacharacters in the (1) NEW_PASSWORD_1 or (2) NEW_PASSWORD_2 parameter to cgi-bin/chpasswd.cgi.
Endian Firewall Endian Firewall
3 EDB exploits
NA
CVE-2022-20655
A vulnerability in the implementation of the CLI on a device that is running ConfD could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient validation of a process argument on an affected device. An attacker coul...
10
CVSSv2
CVE-2016-10108
Unauthenticated Remote Command injection as root occurs in the Western Digital MyCloud NAS 2.11.142 /web/google_analytics.php URL via a modified arg parameter in the POST data.
Western Digital Mycloud Nas 2.11.142
1 Metasploit module
9.3
CVSSv2
CVE-2017-15049
The ZoomLauncher binary in the Zoom client for Linux prior to 2.0.115900.1201 does not properly sanitize user input when constructing a shell command, which allows remote malicious users to execute arbitrary code by leveraging the zoommtg:// scheme handler.
Zoom Zoom
1 EDB exploit
9
CVSSv2
CVE-2017-7981
Tuleap prior to 9.7 allows command injection via the PhpWiki 1.3.10 SyntaxHighlighter plugin. This occurs in the Project Wiki component because the proc_open PHP function is used within PhpWiki prior to 1.5.5 with a syntax value in its first argument, and an authenticated Tuleap ...
Enalean Tuleap
Phpwiki Project Phpwiki 1.3.10
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »