header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Remote Command Execution
No results found
SQL Injection (6841)
Buffer Overflow (3830)
Cross-Site Scripting (2498)
Denial of Service (1853)
Remote Code Execution (1494)
Cross-Site Scripting (XSS) (852)
Directory Traversal (841)
Remote File Include (787)
Remote File Inclusion (723)
Privilege Escalation (675)
Authentication Bypass (671)
Local File Inclusion (606)
Information Disclosure (483)
Remote Command Execution (459)
Arbitrary File Upload (427)
Blind SQL Injection (425)
HTML Injection (398)
Cross-Site Request Forgery (384)
Command Injection (349)
Cross-Site Request Forgery (CSRF) (331)
Stack Buffer Overflow (320)
Stack Overflow (304)
Remote SQL Injection (288)
Unquoted Service Path (264)
Memory Corruption (254)
Denial of Service (DoS) (246)
Stored XSS (246)
Local Privilege Escalation (245)
Local File Include (241)
Remote Denial of Service (229)
Use-After-Free (211)
Heap-overflow (201)
Stored Cross-Site Scripting (XSS) (197)
Persistent Cross Site Scripting (187)
Remote Code Execution (RCE) (176)
XSS (169)
Stack-Based Buffer Overflow (165)
Remote Buffer Overflow (146)
Format String Vulnerability (145)
CSRF (142)
Path Traversal (136)
Integer Overflow (135)
Arbitrary Code Execution (134)
Code Execution (134)
Remote File Disclosure (127)
Input Validation (125)
SQL Injection and Cross Site Scripting (123)
Stored Cross Site Scripting (117)
Command Execution (115)
Insecure Cookie Handling (113)
CWE
No results found
78 (328)
N/A (20)
94 (19)
Unknown (9)
89 (5)
119 (4)
20 (4)
22 (3)
79 (3)
200 (2)
264 (2)
287 (2)
352 (2)
Not Specified (2)
255 (1)
284 (1)
399 (1)
434 (1)
522 (1)
77 (1)
798 (1)
98 (1)
Buffer Overflow (1)
Command Injection (1)
Not mentioned (1)
Not provided (1)
RCE (1)
CPE
No results found
N/A (127)
a:cpanel:cpanel (4)
a:freepbx:freepbx (3)
a:studio-42:elfinder:2.1.53 (3)
a:webmin:webmin (3)
Unknown (3)
a:centreon:centreon:19.10.5 (2)
a:csz_cms:csz_cms:1.3.0 (2)
a:linpha:linpha (2)
a:proftpd:proftpd:1.3.5 (2)
a:twiki:twiki (2)
cpe:a:securityfocus:finger_server (2)
Not provided (2)
Not Specified (2)
//a:validformbuilder:validformbuilder:1.0 (1)
2.0.4 and before (1)
2.1.47:elFinder (1)
2.3:a:monstra_cms:monstra:3.0.4 (1)
2.3:a:op5:op5_monitor:7.1.9 (1)
2.3:a:phpcompta:phpcompta:6.7.1_5638 (1)
2.3:a:phreesoft:phreebooks_erp:5.2.5 (1)
2.3:a:wordpress:advanced_order_export_for_woocommerce (1)
2.3.4 (1)
2.3.x (1)
2.3a:hfs:http_file_server (1)
2.4:Mapbender (1)
2BGal 3.0 (1)
4psa:voipnow_service_provider_edition (1)
a:21degrees:symphony (1)
a:acunetix:acunetix_web_vulnerability_scanner:10.0 (1)
a:alcatel:omnipcx_office (1)
a:antologic:antolinux (1)
a:apache:tika_server (1)
a:aruba:aruba_os:501 (1)
a:awstats_project:awstats (1)
a:barracuda_networks:spam_and_virus_firewall (1)
a:barracuda_networks:web_application_firewall (1)
a:bizdb:bizdb:1.0 (1)
a:broadcom:ca_privileged_access_manager:2.8.2 (1)
a:bugzilla:bugzilla:2.8 (1)
a:ca:release_automation:5.0 (1)
a:cacti:cacti (1)
a:centreon:centreon (1)
a:cisco:cs-mars (1)
a:cisco:rv110w_firmware:- (1)
a:cisco:unified_computing_system_manager (1)
a:claroline_project:claroline:1.7.4 (1)
a:cmsimple:cmsimple:5.15 (1)
a:cmsmini:cmsmini (1)
a:codice:codice_cms (1)
Vendor
No results found
N/A (36)
Cisco (5)
cPanel (5)
Apache (4)
HP (4)
Rejetto (4)
Studio-42 (4)
Sun (4)
Twiki (4)
WordPress (4)
Barracuda (3)
Centreon (3)
Drupal (3)
LinPHA (3)
Microsoft (3)
Synology (3)
Unknown (3)
vBulletin (3)
Webmin (3)
Barracuda Networks (2)
CSZ CMS (2)
D-Link (2)
DotBr (2)
Etomite (2)
Exim (2)
Family Connections (2)
FreePBX (2)
Geovision Inc. (2)
Hashicorp (2)
IPFire (2)
McAfee (2)
Nagios (2)
op5 (2)
OTRS (2)
Phlatline (2)
PhreeSoft (2)
ProFTPD (2)
Psunami (2)
QNAP (2)
QNX (2)
SAP (2)
Seagate (2)
SecurityFocus (2)
Siemens (2)
SPIP (2)
SquirrelMail (2)
Vendor (2)
Zabbix (2)
@lex Guestbook (1)
21degrees (1)
Product Name
No results found
N/A (7)
cPanel (4)
FreePBX (4)
Cacti (3)
Centreon (3)
CSZ CMS (3)
Struts (3)
TPC-110W (3)
Twiki (3)
vBulletin (3)
Web App Firewall/Load Balancer (3)
Webmin (3)
AWStats (2)
Claroline (2)
Consul (2)
CS-MARS (2)
Data Protector (2)
DiskStation Manager (2)
Drupal (2)
elFinder (2)
elFinder Web File Manager (2)
Etomite CMS (2)
exim (2)
Finger Server (2)
HttpFileServer (2)
Includer CGI (2)
IPFire (2)
Irix (2)
LinPHA Photo Gallery (2)
MyCMS (2)
op5 Monitor (2)
OTRS (2)
PBLang (2)
PHPMyChat (2)
PhreeBooks ERP (2)
pPIM (2)
ProFTPD (2)
Shoutbox (2)
Solaris (2)
SPIP (2)
SurgeFTP (2)
@lex Guestbook (1)
2BGal 3.0 (1)
Aardvark Topsites PHP (1)
Achievo (1)
Acunetix Web Vulnerability Scanner (1)
Adcycle (1)
Adspro (1)
Advanced Order Export For WooCommerce (1)
Affix BTSRV/BTOBS (1)
Version
From
No results found
N/A (61)
Unknown (13)
1 (11)
2 (8)
3.1 (8)
1.0 (4)
6.2 (4)
0.3 (3)
1.3 (3)
1.3.2000 (3)
2.1.53 (3)
All versions (3)
Load Balancer Firmware <= v5.4.0.004 (2015-11-26) & Web App Firewall Firmware <= 8.0.1.007 (2016-01-07) (3)
0.8.6d (2)
1.1 (2)
1.21 (2)
1.4 (2)
1.910 (2)
19.10.5 (2)
2.0.1 (2)
2.1.2 (2)
2.x (2)
4.0.0 (2)
4.0.1 (2)
4.X (2)
All (2)
cPanel version 5 (2)
< 1.18 (1)
< 2.2.1.1 (1)
< 3.9.0 (1)
< 5.2-5967-5 (1)
< 6.3.7 (1)
0.0.17 (1)
0.1 (1)
0.1.3 (1)
0.1.9.1 (1)
0.14.5 (1)
0.15.0dev (1)
0.2.7 (1)
0.21 (1)
0.3.2.1 (1)
0.4 (1)
0.4.0 (1)
0.4.1-14_fix06 (1)
0.54.2 (1)
0.6.1.2 (1)
0.7 and below (1)
0.7.0 (1)
0.7.2.1 (1)
0.7.5 (1)
To
No results found
N/A (69)
Unknown (18)
1 (10)
2 (6)
1.0 (4)
0.3 (3)
1.3.2000 (3)
2.1.53 (3)
3.5-RC7 (3)
6.2 (3)
All versions (3)
Load Balancer Firmware <= v5.4.0.004 (2015-11-26) & Web App Firewall Firmware <= 8.0.1.007 (2016-01-07) (3)
0.8.6d (2)
1.1 (2)
1.21 (2)
1.3 (2)
1.8 (2)
19.10.5 (2)
2.0.1 (2)
2.1.2 (2)
2.11 (2)
2.3.x (2)
2.x (2)
3.0.4 (2)
6.0.1 (2)
All (2)
cPanel version 5 (2)
< 2.2.1.1 (1)
< 6.3.7 (1)
0.0.17 (1)
0.1 (1)
0.1.4 (1)
0.1.9.1 (1)
0.14.5 (1)
0.15.0dev (1)
0.2.7 (1)
0.21 (1)
0.3.2.1 (1)
0.4 (1)
0.4.0 (1)
0.54.2 (1)
0.6.1.2 (1)
0.7.0 (1)
0.7.2.1 (1)
0.7.5 (1)
0.9.1 (1)
0.9.2 (1)
0.9.8d-RC2 (1)
0.9.9.2.1 (1)
0.95b (1)
Severity Type
No results found
HIGH (389)
N/A (34)
CRITICAL (32)
MEDIUM (4)
Severity Number
No results found
7.5 (185)
9 (62)
5 (51)
7 (50)
3 (41)
N/A (39)
9.3 (34)
8 (25)
9.8 (25)
8.8 (19)
Exploit Author
No results found
SecurityFocus (61)
rgod (19)
Unknown (15)
Osirys (11)
juan vazquez (9)
cijfer (8)
tmrswrr (8)
Anonymous (5)
darkjoker (5)
dun (5)
Hessam-x (5)
Kw3[R]Ln (5)
xort (5)
AkkuS (4)
Brendan Coles (4)
EgiX (4)
Federico Fazzi (4)
h00die (4)
patrick (4)
Quentin Kaiser (4)
Spabam (4)
bashis (3)
Brandon Perry (3)
Claudio Viviani (3)
Daniele Linguaglossa (3)
Fabien AUNAY (3)
Giovanni Buzzin (3)
hyp3rlinx (3)
Jerzy Kramarz (3)
Luigi Auriemma (3)
milw0rm.com (3)
nukedx (3)
Omri Baso (3)
sinn3r (3)
[Oo] (2)
0x09AL (2)
Ahmet Ümit BAYRAM (2)
Alberto Trivero (2)
Andreas Nusser (2)
Andres Riancho (2)
aushack (2)
Berk Dusunur (2)
Bharadwaj Machiraju (2)
Bhushan B. Patil (2)
BlackHawk (2)
David Maciejak (2)
Emanuele 'emgent' Gentili (2)
FOX_MULDER (2)
Francis Alexander (2)
Johannes Dahse (2)
Platforms Tested
No results found
N/A (127)
Linux (77)
Windows (45)
None (34)
unix (29)
Mac (10)
Unknown (10)
Apache (4)
PHP (4)
Java (3)
macOS (3)
Solaris (3)
*BSD (2)
BackBox 3.x (2)
Centos 7 (2)
GNU/Linux (2)
https://www.softaculous.com/apps/cms/CSZ_CMS (2)
Irix (2)
Multiple (2)
OTRS 5.0.2/CentOS 7.2.1511 (2)
Ubuntu 12.04 (2)
Unix variants (2)
WiN7_x64 (2)
Windows 10 (2)
Windows 8 (2)
Windows XP SP3 (2)
Xampp (2)
13.10 (1)
All (1)
and Microsoft Windows (1)
Apache-Coyote/1.1 (1)
ApeosPort-V 5070 (1)
ApeosPort-V C3375 (1)
ApeosPort-V C4475 (1)
ApeosPort-V C5576 (1)
ApeosPort-VI C3371 (1)
CentOS 7.7 (1)
Debian 10 and Ubuntu (1)
Debian 5.6.7-1kali1 (Kali 2020.1 x64) (1)
Debian 9 (1)
Debian Linux (1)
Debian/Ubuntu (1)
DocuCentre-IV C2263 (1)
DocuCentre-V 3065 (1)
DocuCentre-V C2263 (1)
DocuCentre-VI C2271 (1)
IA64 HP Server Rx3600 (1)
IE6/IE7 (1)
Independent (PHP) (1)
Internet Explorer 8 (1)
Year
Year
No results found
2002 (42)
2006 (40)
2009 (36)
2005 (29)
2008 (27)
2020 (22)
2012 (20)
2014 (20)
2018 (18)
2019 (18)
2013 (17)
Unknown (17)
2010 (13)
2007 (12)
2016 (11)
2017 (10)
2021 (10)
2001 (9)
2023 (9)
2011 (8)
2015 (8)
2003 (7)
2004 (7)
1999 (3)
2024 (3)
1998 (1)
2000 (1)
Jul 13 2016 (1)
Not mentioned (1)
Not provided (1)
Not Specified (1)

Explore all Exploits:

Show More

CMSimple 5.15 – Remote Command Execution

The vulnerability allows an attacker to execute arbitrary commands on the target system by uploading a malicious PHP file. By appending ",php" to the end of the Extensions_userfiles field in the CMS Settings, an attacker can upload a shell.php file via the Media section and access it remotely.

6.1
CVSS
HIGH
Remote Command Execution
78
CWE
Product Name
CMSimple
Platforms Tested
MacOS
Affected Version
From:
5.15
To:
5.15
2024
Show More

WBCE CMS Version 1.6.1 Remote Command Execution

WBCE CMS version 1.6.1 is vulnerable to remote command execution. By uploading a malicious file and triggering its execution through the language installation feature, an attacker can execute arbitrary commands on the server. This can lead to unauthorized access, data theft, and other malicious activities. This vulnerability has been assigned CVE-2023-XXXXX.

6.1
CVSS
HIGH
Remote Command Execution
78
CWE
Product Name
WBCE CMS
Platforms Tested
Affected Version
From:
1.6.2001
To:
1.6.2001
2023
Show More

PopojiCMS Version 2.0.1 Remote Command Execution

PopojiCMS version 2.0.1 is vulnerable to remote command execution. By injecting a malicious payload into the Meta Social section under settings, an attacker can execute arbitrary commands on the server. This can lead to unauthorized access and potential data breaches. The exploit allows an attacker to execute system commands, as demonstrated by the payload '<?php echo system('id'); ?>'.

6.1
CVSS
HIGH
Remote Command Execution
78
CWE
Product Name
PopojiCMS
Platforms Tested
Linux
Affected Version
From:
2.0.1
To:
2.0.1
2023
Show More

TPC-110W Remote Command Execution

The code snippet demonstrates a C program that establishes a socket connection to a remote device with IP address 192.168.1.10 on port 8888. It then sends a command 'id' to the device, which is executed with root privileges. This vulnerability could be exploited by an attacker to remotely execute arbitrary commands on the target device.

7.1
CVSS
HIGH
Remote Command Execution
78
CWE
Product Name
TPC-110W
Platforms Tested
Linux
Affected Version
From:
All versions
To:
2021
Show More

Remote Command Execution in elFinder Web file manager Version 2.1.53

The elFinder Web file manager version 2.1.53 allows remote attackers to execute arbitrary commands via an admin panel URL, which can lead to sensitive information disclosure. An attacker can upload a malicious PHP file to the target server and execute system commands, as demonstrated by accessing the /etc/passwd file.

6.1
CVSS
HIGH
Remote Command Execution
78
CWE
Product Name
elFinder Web file manager
Platforms Tested
https://www.softaculous.com/apps/cms/CSZ_CMS
Affected Version
From:
2.1.53
To:
2.1.53
2023

Recent Exploits:

openSIS 9.1 – SQL Injection (Authenticated)

author
Devrim Dıragumandan (d0ub1edd)
vendor
OS4Ed
severity
6.1
HIGH

dizqueTV 1.5.3 – Remote Code Execution (RCE)

author
Ahmed Said Saud Al-Busaidi
vendor
Vexorian
severity
8.1
CRITICAL

reNgine 2.2.0 – Command Injection (Authenticated)

author
Caner Tercan
vendor
reNgine
severity
7.1
HIGH

Stored Cross-Site Scripting (XSS) in NoteMark

author
Alessio Romano (sfoffo)
vendor
Enchanted Code
severity
6.1
HIGH

Windows IPv6 CVE-2024-38063 Denial-Of-Service Vulnerability

author
Photubias
vendor
Microsoft
severity
6.1
HIGH

Invesalius 3.1 – Remote Code Execution (RCE)

author
Alessio Romano (sfoffo), Riccardo Degli Esposti (partywave)
vendor
Invesalius
severity
6.1
HIGH

Stored XSS in Gitea

author
Catalin Iovita & Alexandru Postolache
vendor
Gitea
severity
6.1
HIGH

Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Device Configuration Vulnerability

author
Gjoko 'LiquidWorm' Krstic
vendor
Elber S.r.l.
severity
6.1
HIGH

Elber Wayber Analog/Digital Audio STL 4.00 Authentication Bypass

author
Gjoko 'LiquidWorm'
vendor
Elber S.r.l.
severity
6.1
HIGH

Elber Wayber Analog/Digital Audio STL 4.00 Device Configuration Vulnerability

author
Gjoko 'LiquidWorm' Krstic
vendor
Elber S.r.l.
severity
6.1
HIGH

Navigation

Suggest Exploit

Services By CQR

cqrsecured