Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
command injection vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2018-15380
A vulnerability in the cluster service manager of Cisco HyperFlex Software could allow an unauthenticated, adjacent malicious user to execute commands as the root user. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by conn...
Cisco Hyperflex Hx Data Platform 3.5\\(1a\\)
Cisco Hyperflex Hx Data Platform 3.0\\(1a\\)
8.8
CVSSv3
CVE-2023-20231
A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote malicious user to perform an injection attack against an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sendin...
Cisco Ios Xe 16.12.4
Cisco Ios Xe 16.12.4a
Cisco Ios Xe 16.12.5
Cisco Ios Xe 16.12.5a
Cisco Ios Xe 16.12.5b
Cisco Ios Xe 16.12.6
Cisco Ios Xe 16.12.6a
Cisco Ios Xe 16.12.7
Cisco Ios Xe 16.12.8
Cisco Ios Xe 16.12.9
Cisco Ios Xe 17.2.2
Cisco Ios Xe 17.2.3
Cisco Ios Xe 17.3.1
Cisco Ios Xe 17.3.1a
Cisco Ios Xe 17.3.1w
Cisco Ios Xe 17.3.1x
Cisco Ios Xe 17.3.1z
Cisco Ios Xe 17.3.2
Cisco Ios Xe 17.3.3
Cisco Ios Xe 17.3.4
Cisco Ios Xe 17.3.4a
Cisco Ios Xe 17.3.4b
8.8
CVSSv3
CVE-2020-3219
A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote malicious user to inject and execute arbitrary commands with administrative privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient va...
Cisco Ios Xe 16.1.1
Cisco Ios Xe 16.1.2
Cisco Ios Xe 16.1.3
Cisco Ios Xe 16.2.1
Cisco Ios Xe 16.2.2
Cisco Ios Xe 16.3.1
Cisco Ios Xe 16.3.1a
Cisco Ios Xe 16.3.2
Cisco Ios Xe 16.3.3
Cisco Ios Xe 16.3.4
Cisco Ios Xe 16.3.5
Cisco Ios Xe 16.3.5b
Cisco Ios Xe 16.3.6
Cisco Ios Xe 16.3.7
Cisco Ios Xe 16.3.8
Cisco Ios Xe 16.3.9
Cisco Ios Xe 16.3.10
Cisco Ios Xe 16.4.1
Cisco Ios Xe 16.4.2
Cisco Ios Xe 16.4.3
Cisco Ios Xe 16.5.1
Cisco Ios Xe 16.5.1a
7.1
CVSSv3
CVE-2021-1530
A vulnerability in the web-based management interface of Cisco BroadWorks Messaging Server Software could allow an authenticated, remote malicious user to access sensitive information or cause a partial denial of service (DoS) condition on an affected system. This vulnerability i...
Cisco Broadworks Messaging Server 22.0
NA
CVE-2013-1668
The uploadFile function in upload/index.php in CosCMS prior to 1.822 allows remote administrators to execute arbitrary commands via shell metacharacters in the name of an uploaded file.
Coscms Coscms
Coscms Coscms 1.41
Coscms Coscms 1.3
1 EDB exploit
9.8
CVSSv3
CVE-2020-35476
A remote code execution vulnerability occurs in OpenTSDB up to and including 2.4.0 via command injection in the yrange parameter. The yrange value is written to a gnuplot file in the /tmp directory. This file is then executed via the mygnuplot.sh shell script. (tsd/GraphHandler.j...
Opentsdb Opentsdb
1 Metasploit module
2 Github repositories
NA
CVE-2013-1177
SQL injection vulnerability in Cisco Network Admission Control (NAC) Manager prior to 4.8.3.1 and 4.9.x prior to 4.9.2 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCub23095.
Cisco Network Admission Control Manager And Server System Software 4.8.1
Cisco Network Admission Control Manager And Server System Software 4.9.1
Cisco Network Admission Control Manager And Server System Software 4.9.0
Cisco Network Admission Control Manager And Server System Software
Cisco Network Admission Control Manager And Server System Software 4.8.2
Cisco Network Admission Control Manager And Server System Software 4.8.0
7.8
CVSSv3
CVE-2021-1448
A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local malicious user to execute arbitrary commands with root privileges on the underlying operating system of an affected device that is running in multi-instance mode. This ...
Cisco Firepower Threat Defense
NA
CVE-2014-3828
Multiple SQL injection vulnerabilities in Centreon 2.5.1 and Centreon Enterprise Server 2.2 (fixed in Centreon web 2.5.3) allow remote malicious users to execute arbitrary SQL commands via (1) the index_id parameter to views/graphs/common/makeXML_ListMetrics.php, (2) the sid para...
Merethis Centreon 2.5.1
Merethis Centreon Enterprise Server 2.2
2 EDB exploits
9.8
CVSSv3
CVE-2023-36812
OpenTSDB is a open source, distributed, scalable Time Series Database (TSDB). OpenTSDB is vulnerable to Remote Code Execution vulnerability by writing user-controlled input to Gnuplot configuration file and running Gnuplot with the generated configuration. This issue has been pat...
Opentsdb Opentsdb
1 Metasploit module
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907
hardcoded
inject
CVE-2024-20359
CVE-2024-2467
CVE-2024-4077
CVE-2024-22391
camera
CVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »