Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
command injection vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2022-45639
OS Command injection vulnerability in sleuthkit fls tool 4.11.1 allows malicious users to execute arbitrary commands via a crafted value to the m parameter. NOTE: third parties have disputed this because there is no analysis showing that the backtick command executes outside the ...
Sleuthkit The Sleuth Kit 4.11.1
8.8
CVSSv3
CVE-2019-16663
An issue exists in rConfig 3.9.2. An attacker can directly execute system commands by sending a GET request to search.crud.php because the catCommand parameter is passed to the exec function without filtering, which can lead to command execution.
Rconfig Rconfig 3.9.2
3 Github repositories
NA
CVE-2011-0018
The email function in manage_sql.c in OpenVAS Manager 1.0.x up to and including 1.0.3 and 2.0.x up to and including 2.0rc2 allows remote authenticated users to execute arbitrary commands via the (1) To or (2) From e-mail address in an OMP request to the Greenbone Security Assista...
Openvas Openvas Manager 1.0.0
Openvas Openvas Manager 2.0
Openvas Openvas Manager 1.0.1
Openvas Openvas Manager 1.0.3
Openvas Openvas Manager 1.0.2
1 EDB exploit
9.8
CVSSv3
CVE-2022-25765
The package pdfkit from 0.0.0 are vulnerable to Command Injection where the URL is not properly sanitized.
Pdfkit Project Pdfkit
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
9 Github repositories
9.8
CVSSv3
CVE-2020-13802
Rebar3 versions 3.0.0-beta.3 to 3.13.2 are vulnerable to OS command injection via URL parameter of dependency specification.
Erlang Rebar3 3.0.0
Erlang Rebar3
9.8
CVSSv3
CVE-2022-35914
/vendor/htmlawed/htmlawed/htmLawedTest.php in the htmlawed module for GLPI up to and including 10.0.2 allows PHP code injection.
Glpi-project Glpi
10 Github repositories
6.7
CVSSv3
CVE-2018-0477
A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local malicious user to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability exist because the affected software improperly sanitizes c...
Cisco Ios Xe 16.7\\(1\\)
Cisco Ios Xe 16.7.1
Cisco Ios Xe 15.3\\(3\\)s3.16
6.7
CVSSv3
CVE-2018-0481
A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local malicious user to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability exist because the affected software improperly sanitizes c...
Cisco Ios Xe 15.3\\(3\\)s3.16
Cisco Ios Xe 16.7.1
Cisco Ios Xe 16.7\\(1\\)
9.8
CVSSv3
CVE-2023-23333
There is a command injection vulnerability in SolarView Compact up to and including 6.00, attackers can execute commands by bypassing internal restrictions through downloader.php.
Contec Solarview Compact Firmware
4 Github repositories
6.7
CVSSv3
CVE-2021-34721
Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local malicious user to gain access to the underlying root shell of an affected device and execute arbitrary commands with root privileges. For more information about these vulnerabilities,...
Cisco Ios Xr
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »