command injection vulnerabilities and exploits
10
CVSSv2
CVE-2014-3418
config/userAdmin/login.tdf in Infoblox NetMRI prior to 6.8.5 allows remote malicious users to execute arbitrary commands via shell metacharacters in the skipjackUsername parameter.
Infoblox Netmri 6.1.2
Infoblox Netmri 6.0.2.42
Infoblox Netmri 6.8.2.11
Infoblox Netmri
Infoblox Netmri 6.2.1.48
Infoblox Netmri 6.2.1
1 EDB exploit
1 Github repository
NA
CVE-2023-34960
A command injection vulnerability in the wsConvertPpt component of Chamilo v1.11.* up to v1.11.18 allows malicious users to execute arbitrary commands via a SOAP API call with a crafted PowerPoint name.
Chamilo Chamilo
1 Metasploit module
8 Github repositories
6.5
CVSSv2
CVE-2014-4688
pfSense prior to 2.1.4 allows remote authenticated users to execute arbitrary commands via (1) the hostname value to diag_dns.php in a Create Alias action, (2) the smartmonemail value to diag_smart.php, or (3) the database value to status_rrd_graph_img.php.
Netgate Pfsense
1 EDB exploit
1 Github repository
9
CVSSv2
CVE-2012-3075
The administrative web interface on Cisco TelePresence Immersive Endpoint Devices prior to 1.7.4 allows remote authenticated users to execute arbitrary commands via a malformed request on TCP port 443, aka Bug ID CSCtn99724.
Cisco Telepresence System Software 1.7.0.1(4764)
Cisco Telepresence System Software 1.6.7(4212)
Cisco Telepresence System Software 1.5.3(2115)
Cisco Telepresence System Software 1.5.12(3701)
Cisco Telepresence System Software
Cisco Telepresence System Software 1.7.2.1(2)
Cisco Telepresence System Software 1.7.1(4864)
Cisco Telepresence System Software 1.7.0.2(4719)
Cisco Telepresence System Software 1.5.10(3648)
Cisco Telepresence System Software 1.5.1(2082)
Cisco Telepresence System Software 1.4.7(2229)
Cisco Telepresence System Software 1.3.2(1393)
Cisco Telepresence System Software 1.6.8(4222)
Cisco Telepresence System Software 1.6.6(4109)
Cisco Telepresence System Software 1.6.0(3954)
Cisco Telepresence System Software 1.5.13(3717)
Cisco Telepresence System Software 1.5.11(3659)
Cisco Telepresence System Software 1.2.3(1101)
Cisco Telepresence System Software 1.6.5(4097)
Cisco Telepresence System Software 1.6.4(4072)
Cisco Telepresence System Software 1.6.3(4042)
Cisco Telepresence System Software 1.6.2(4023)
7.5
CVSSv2
CVE-2019-9194
elFinder prior to 2.1.48 has a command injection vulnerability in the PHP connector.
Std42 Elfinder
2 EDB exploits
2 Github repositories
9
CVSSv2
CVE-2010-4278
operation/agentes/networkmap.php in Pandora FMS prior to 3.1.1 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the layout parameter in an operation/agentes/networkmap action to index.php.
Artica Pandora Fms 3.1
Artica Pandora Fms 3.0
Artica Pandora Fms 2.0
Artica Pandora Fms 2.1.1
Artica Pandora Fms 1.3.1
Artica Pandora Fms 1.3
Artica Pandora Fms 2.1
Artica Pandora Fms 1.2
Artica Pandora Fms
1 EDB exploit
9.3
CVSSv2
CVE-2010-4566
The web authentication form in the NT4 authentication component in Citrix Access Gateway Enterprise Edition 9.2-49.8 and previous versions, and the NTLM authentication component in Access Gateway Standard and Advanced Editions before Access Gateway 5.0, allows malicious users to ...
Citrix Access Gateway 9.1-104.5
Citrix Access Gateway 8.1-69.4
Citrix Access Gateway 9.0.71.3
Citrix Access Gateway 8.0
Citrix Access Gateway
Citrix Access Gateway .8.0
Citrix Access Gateway 4.5.5
Citrix Access Gateway 4.5.6
Citrix Access Gateway 4.6.2
Citrix Access Gateway 4.6.3
Citrix Access Gateway 4.5.7
Citrix Access Gateway 4.5
Citrix Access Gateway 4.6.1
2 EDB exploits
9
CVSSv2
CVE-2018-7567
In the Admin Package Manager in Open Ticket Request System (OTRS) 5.0.0 up to and including 5.0.24 and 6.0.0 up to and including 6.0.1, authenticated admins are able to exploit a Blind Remote Code Execution vulnerability by loading a crafted opm file with an embedded CodeInstall ...
Otrs Otrs 6.0.0
Otrs Otrs 6.0.1
Otrs Otrs
7.5
CVSSv2
CVE-2012-5520
The send_to_sourcefire function in manage_sql.c in OpenVAS Manager 3.x prior to 3.0.4 allows remote malicious users to execute arbitrary commands via the (1) IP address or (2) port number field in an OMP request.
Openvas Openvas Manager 3.0
Openvas Openvas Manager 3.0.0
Openvas Openvas Manager 3.0.1
Openvas Openvas Manager 3.0.2
Openvas Openvas Manager 3.0.3
7.2
CVSSv2
CVE-2018-0477
A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local malicious user to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability exists because the affected software improperly sanitizes c...
Cisco Ios Xe 16.7(1)
Cisco Ios Xe 16.7.1
Cisco Ios Xe 15.3(3)s3.16