Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
code execution vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2019-19509
An issue exists in rConfig 3.9.3. A remote authenticated user can directly execute system commands by sending a GET request to ajaxArchiveFiles.php because the path parameter is passed to the exec function without filtering, which can lead to command execution.
Rconfig Rconfig 3.9.3
1 EDB exploit
1 Github repository
9.8
CVSSv3
CVE-2017-14143
The getUserzoneCookie function in Kaltura prior to 13.2.0 uses a hardcoded cookie secret to validate cookie signatures, which allows remote malicious users to bypass an intended protection mechanism and consequently conduct PHP object injection attacks and execute arbitrary PHP c...
Kaltura Kaltura Server
2 EDB exploits
NA
CVE-2011-3230
Apple Safari prior to 5.1.1 on Mac OS X does not enforce an intended policy for file: URLs, which allows remote malicious users to execute arbitrary code via a crafted web site.
Apple Safari
Apple Safari 5.0.6
Apple Safari 4.1.2
Apple Safari 4.1.1
Apple Safari 4.1
Apple Safari 4.0.0b
Apple Safari 4.0
Apple Safari 3.1.2b
Apple Safari 3.1.2
Apple Safari 3.0.4b
Apple Safari 3.0.4
Apple Safari 3.0.2b
Apple Safari 3.0.2
Apple Safari 3.0.0b
Apple Safari 2.0.3
Apple Safari 2
Apple Safari 1.3.2
Apple Safari 1.2.4
Apple Safari 1.2.3
Apple Safari 1.0b1
Apple Safari 1.0
Apple Safari 1.0.0b2
1 EDB exploit
7.7
CVSSv3
CVE-2018-19571
GitLab CE/EE, versions 8.18 up to 11.x prior to 11.3.11, 11.4 prior to 11.4.8, and 11.5 prior to 11.5.1, are vulnerable to an SSRF vulnerability in webhooks.
Gitlab Gitlab
6 Github repositories
7.5
CVSSv3
CVE-2018-19585
GitLab CE/EE versions 8.18 up to 11.x prior to 11.3.11, 11.4.x prior to 11.4.8, and 11.5.x prior to 11.5.1 have CRLF Injection in Project Mirroring when using the Git protocol.
Gitlab Gitlab
5 Github repositories
8.8
CVSSv3
CVE-2012-1496
Local file inclusion in WebCalendar prior to 1.2.5.
Webcalendar Project Webcalendar
1 EDB exploit
8.8
CVSSv3
CVE-2018-1133
An issue exists in Moodle 3.x. A Teacher creating a Calculated question can intentionally cause remote code execution on the server, aka eval injection.
Moodle Moodle
1 EDB exploit
4 Github repositories
8.8
CVSSv3
CVE-2018-15728
Couchbase Server exposed the '/diag/eval' endpoint which by default is available on TCP/8091 and/or TCP/18091. Authenticated users that have 'Full Admin' role assigned could send arbitrary Erlang code to the 'diag/eval' endpoint of the API and the co...
Couchbase Couchbase Server -
NA
CVE-2014-7235
htdocs_ari/includes/login.php in the ARI Framework module/Asterisk Recording Interface (ARI) in FreePBX prior to 2.9.0.9, 2.10.x, and 2.11 prior to 2.11.1.5 allows remote malicious users to execute arbitrary code via the ari_auth cookie, related to the PHP unserialize function, a...
Freepbx Freepbx 2.10.0.5
Freepbx Freepbx 2.10.0.6
Sangoma Freepbx 2.11.0.2
Sangoma Freepbx 2.11.0.3
Freepbx Freepbx 2.10.0.1
Freepbx Freepbx 2.10.0.2
Freepbx Freepbx 2.10.0.9
Freepbx Freepbx 2.10.0.10
Freepbx Freepbx 2.11.1.1
Freepbx Freepbx 2.11.1.2
Sangoma Freepbx
Freepbx Freepbx 2.10.0.0
Freepbx Freepbx 2.10.0.7
Freepbx Freepbx 2.10.0.8
Sangoma Freepbx 2.11.0.4
Freepbx Freepbx 2.11.1.0
Freepbx Freepbx 2.10.0.3
Freepbx Freepbx 2.10.0.4
Sangoma Freepbx 2.11.0.0
Sangoma Freepbx 2.11.0.1
Freepbx Freepbx 2.11.1.3
Freepbx Freepbx 2.11.1.4
1 EDB exploit
8.8
CVSSv3
CVE-2019-13024
Centreon 18.x prior to 18.10.6, 19.x prior to 19.04.3, and Centreon web prior to 2.8.29 allows the malicious user to execute arbitrary system commands by using the value "init_script"-"Monitoring Engine Binary" in main.get.php to insert a arbitrary command int...
Centreon Centreon 19.04.0
1 EDB exploit
4 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »