Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
command injection vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2014-8389
cgi-bin/mft/wireless_mft.cgi in AirLive BU-2015 with firmware 1.03.18 16.06.2014, AirLive BU-3026 with firmware 1.43 21.08.2014, AirLive MD-3025 with firmware 1.81 21.08.2014, AirLive WL-2000CAM with firmware LM.1.6.18 14.10.2011, and AirLive POE-200CAM v2 with firmware LM.1.6.17...
Airlive Bu-3026 Firmware 1.43 21.08.2014
Airlive Md-3025 Firmware 1.81 21.08.2014
Airlive Wl-2000cam Firmware Lm.1.6.18 14.10.2011
Airlive Poe-200cam V2 Firmware Lm.1.6.17.01
Airlive Bu-2015 Firmware 1.03.18 16.06.2014
10
CVSSv2
CVE-2020-13802
Rebar3 versions 3.0.0-beta.3 to 3.13.2 are vulnerable to OS command injection via URL parameter of dependency specification.
Erlang Rebar3 3.0.0
Erlang Rebar3
NA
CVE-2020-138021
Rebar3 versions 3.0.0-beta.3 through 3.13.2 suffer from a command injection vulnerability.
9
CVSSv2
CVE-2011-0018
The email function in manage_sql.c in OpenVAS Manager 1.0.x up to and including 1.0.3 and 2.0.x up to and including 2.0rc2 allows remote authenticated users to execute arbitrary commands via the (1) To or (2) From e-mail address in an OMP request to the Greenbone Security Assista...
Openvas Openvas Manager 1.0.0
Openvas Openvas Manager 2.0
Openvas Openvas Manager 1.0.1
Openvas Openvas Manager 1.0.3
Openvas Openvas Manager 1.0.2
1 EDB exploit
NA
CVE-2023-0830
A vulnerability classified as critical has been found in EasyNAS 1.1.0. Affected is the function system of the file /backup.pl. The manipulation leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be us...
Easynas Easynas 1.1.0
1 Github repository
NA
CVE-2022-25765
The package pdfkit from 0.0.0 are vulnerable to Command Injection where the URL is not properly sanitized.
Pdfkit Project Pdfkit
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
9 Github repositories
NA
CVE-2024-23749
KiTTY versions 0.76.1.13 and before is vulnerable to command injection via the filename variable, occurs due to insufficient input sanitization and validation, failure to escape special characters, and insecure system calls (at lines 2369-2390). This allows an malicious user to a...
9bis Kitty
4.3
CVSSv2
CVE-2019-10963
Moxa EDR 810, all versions 5.1 and prior, allows an unauthenticated malicious user to be able to retrieve some log files from the device, which may allow sensitive information disclosure. Log files must have previously been exported by a legitimate user.
Moxa Edr-810 Firmware
1 EDB exploit
6.5
CVSSv2
CVE-2015-4117
Vesta Control Panel prior to 0.9.8-14 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the backup parameter to list/backup/index.php.
Vestacp Control Panel
1 EDB exploit
6.5
CVSSv2
CVE-2019-10969
Moxa EDR 810, all versions 5.1 and prior, allows an authenticated malicious user to abuse the ping feature to execute unauthorized commands on the router, which may allow an malicious user to perform remote code execution.
Moxa Edr-810 Firmware
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »