Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
arbitrary code vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2008-6619
Unrestricted file upload vulnerability in class/ApplyDB.php in ClassSystem 2.3 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in class/UploadHomepage/.
Netlab Classsystem 2.3
1 EDB exploit
6.5
CVSSv2
CVE-2011-2745
upload_handler.php in the swfupload extension in Chyrp 2.0 and previous versions relies on client-side JavaScript code to restrict the file extensions of uploaded files, which allows remote authenticated users to upload a .php file, and consequently execute arbitrary PHP code, vi...
Chyrp Chyrp
1 EDB exploit
7.2
CVSSv2
CVE-2019-1605
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, local malicious user to execute arbitrary code as root. The vulnerability is due to incorrect input validation in the NX-API feature. An attacker could exploit this vulnerability by sendin...
Cisco Nx-os
7.5
CVSSv2
CVE-2001-0400
nph-maillist.pl allows remote malicious users to execute arbitrary commands via shell metacharacters ("`") in the email address.
Matt Tourtillott Nph-maillist 3.0
Matt Tourtillott Nph-maillist 3.5
1 EDB exploit
NA
CVE-2023-31873
Gin 0.7.4 allows execution of arbitrary code when a crafted file is opened, e.g., via require('child_process').
Gin Project Gin 0.7.4
10
CVSSv2
CVE-2013-4495
The send_the_mail function in server/svr_mail.c in Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) prior to 4.2.6 allows remote malicious users to execute arbitrary commands via shell metacharacters in the email (-M switch) to qsub.
Adaptivecomputing Torque Resource Manager
Adaptivecomputing Torque Resource Manager 4.1.5.1
Adaptivecomputing Torque Resource Manager 4.1.3
Adaptivecomputing Torque Resource Manager 3.0.4
Adaptivecomputing Torque Resource Manager 3.0.3
Adaptivecomputing Torque Resource Manager 2.5.6
Adaptivecomputing Torque Resource Manager 2.5.5
Adaptivecomputing Torque Resource Manager 2.5.10
Adaptivecomputing Torque Resource Manager 2.5.1
Adaptivecomputing Torque Resource Manager 2.5.0
Adaptivecomputing Torque Resource Manager 2.4.3
Adaptivecomputing Torque Resource Manager 2.4.2
Adaptivecomputing Torque Resource Manager 2.4.11
Adaptivecomputing Torque Resource Manager 2.4.10
Adaptivecomputing Torque Resource Manager 2.3.3
Adaptivecomputing Torque Resource Manager 2.3.2
Adaptivecomputing Torque Resource Manager 2.3.13
Adaptivecomputing Torque Resource Manager 2.2.0
Adaptivecomputing Torque Resource Manager 2.1.9
Adaptivecomputing Torque Resource Manager 2.1.10
Adaptivecomputing Torque Resource Manager 2.0.0
Adaptivecomputing Torque Resource Manager 4.2.4.1
6.5
CVSSv2
CVE-2013-7325
An issue exists in uscan in devscripts prior to 2.13.19, which could let a remote malicious user execute arbitrary code via a crafted tarball.
Debian Devscripts
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
7.5
CVSSv2
CVE-2005-2612
Direct code injection vulnerability in WordPress 1.5.1.3 and previous versions allows remote malicious users to execute arbitrary PHP code via the cache_lastpostdate[server] cookie.
Wordpress Wordpress 1.5.1
Wordpress Wordpress 1.5.1.2
Wordpress Wordpress 1.5.1.3
Wordpress Wordpress 1.0
Wordpress Wordpress 1.0.1
Wordpress Wordpress 1.2
Wordpress Wordpress 1.0.2
Wordpress Wordpress 1.5
1 EDB exploit
2.6
CVSSv2
CVE-2008-2960
Cross-site scripting (XSS) vulnerability in phpMyAdmin prior to 2.11.7, when register_globals is enabled and .htaccess support is disabled, allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors involving scripts in libraries/.
Phpmyadmin Phpmyadmin 2.10.0
Phpmyadmin Phpmyadmin 2.10.0.1
Phpmyadmin Phpmyadmin 2.11.0rc1
Phpmyadmin Phpmyadmin 2.11.1
Phpmyadmin Phpmyadmin 2.11.3
Phpmyadmin Phpmyadmin 2.11.3rc1
Phpmyadmin Phpmyadmin 2.11.6
Phpmyadmin Phpmyadmin 2.11.6rc1
Phpmyadmin Phpmyadmin 2.10.3
Phpmyadmin Phpmyadmin 2.10.3rc1
Phpmyadmin Phpmyadmin 2.11.1rc1
Phpmyadmin Phpmyadmin 2.11.2
Phpmyadmin Phpmyadmin 2.11.5
Phpmyadmin Phpmyadmin 2.11.5.1
Phpmyadmin Phpmyadmin 2.10.0.2
Phpmyadmin Phpmyadmin 2.10.1
Phpmyadmin Phpmyadmin 2.10.2
Phpmyadmin Phpmyadmin 2.11.1.1
Phpmyadmin Phpmyadmin 2.11.1.2
Phpmyadmin Phpmyadmin 2.11.4
Phpmyadmin Phpmyadmin 2.11.4rc1
Phpmyadmin Phpmyadmin 2.11.0
7.5
CVSSv2
CVE-2002-0688
ZCatalog plug-in index support capability for Zope 2.4.0 up to and including 2.5.1 allows anonymous users and untrusted code to bypass access restrictions and call arbitrary methods of catalog indexes.
Zope Zope 2.5.1
Zope Zope 2.4.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »