CVE-2020-15227
|
Remote Code Execution vulnerability |
nette |
application |
2025-07-12 12:00:33 UTC |
The Shadowserver (via CIRCL) |
CVE-2021-33690
|
Server-Side Request Forgery (SSRF) vulnerability has been detected in the SAP NetWeaver Development Infrastructure Component Build Service versions... |
SAP SE |
SAP NetWeaver Development Infrastructure (Component Build Service) |
2025-07-12 12:00:26 UTC |
The Shadowserver (via CIRCL) |
CVE-2025-47812
|
In Wing FTP Server before 7.4.4. the user and admin web interfaces mishandle '\0' bytes, ultimately allowing injection of arbitrary Lua code into... |
wftpserver |
Wing FTP Server |
2025-07-10 17:45:23 UTC |
Huntress Blog |
CVE-2020-28188
|
Remote Command Execution (RCE) vulnerability in TerraMaster TOS <= 4.2.06 allow remote unauthenticated attackers to inject OS commands via... |
TerraMaster |
TOS |
2025-07-09 12:00:20 UTC |
The Shadowserver (via CIRCL) |
CVE-2023-46347
|
In the module "Step by Step products Pack" (ndk_steppingpack) version 1.5.6 and before from NDK Design for PrestaShop, a guest can perform SQL... |
NDK Design |
Step by Step products Pack |
2025-07-08 12:03:12 UTC |
The Shadowserver (via CIRCL) |
CVE-2024-36111
|
KubePi's JWT token validation has a defect |
1Panel-dev |
KubePi |
2025-07-08 12:03:05 UTC |
The Shadowserver (via CIRCL) |
CVE-2023-4450
|
jeecgboot JimuReport Template injection |
jeecgboot |
JimuReport |
2025-07-08 12:02:59 UTC |
The Shadowserver (via CIRCL) |
CVE-2023-3710
|
Printer web page invalid command execution |
Honeywell, Honeywell |
PM23/43, PC23/43, PD43, PM42, PX4ie/6ie, PX45/65, PD45, PX240, PX940, PM45, RP2f/RP4f |
2025-07-08 12:02:52 UTC |
The Shadowserver (via CIRCL) |
CVE-2023-26802
|
An issue in the component /network_config/nsg_masq.cgi of DCN (Digital China Networks) DCBI-Netlog-LAB v1.0 allows attackers to bypass... |
Digital China Networks |
DCBI-Netlog-LAB |
2025-07-08 12:02:42 UTC |
The Shadowserver (via CIRCL) |
CVE-2023-35885
|
CloudPanel 2 before 2.3.1 has insecure file-manager cookie authentication. |
CloudPanel |
CloudPanel |
2025-07-08 12:02:34 UTC |
The Shadowserver (via CIRCL) |
CVE-2023-4634
|
The Media Library Assistant plugin for WordPress is vulnerable to Local File Inclusion and Remote Code Execution in versions up to, and including,... |
dglingren |
Media Library Assistant |
2025-07-08 12:02:27 UTC |
The Shadowserver (via CIRCL) |
CVE-2023-3836
|
Dahua Smart Park Management unrestricted upload |
Dahua |
Smart Park Management |
2025-07-08 12:02:20 UTC |
The Shadowserver (via CIRCL) |
CVE-2023-31446
|
In Cassia Gateway firmware XC1000_2.1.1.2303082218 and XC2000_2.1.1.2303090947, the queueUrl parameter in /bypass/config is not sanitized. This... |
Cassia Networks |
Cassia Gateway firmware |
2025-07-08 12:02:11 UTC |
The Shadowserver (via CIRCL) |
CVE-2023-33831
|
A remote command execution (RCE) vulnerability in the /api/runscript endpoint of FUXA 1.1.13 allows attackers to execute arbitrary commands via a... |
FUXA |
FUXA |
2025-07-08 12:02:00 UTC |
The Shadowserver (via CIRCL) |
CVE-2023-52028
|
TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setTracerouteCfg function. |
TOTOlink |
A3700R |
2025-07-08 12:01:51 UTC |
The Shadowserver (via CIRCL) |
CVE-2023-1698
|
WAGO: WBM Command Injection in multiple products |
WAGO |
Compact Controller CC100, Edge Controller, PFC100, PFC200, Touch Panel 600 Advanced Line, Touch Panel 600 Marine Line, Touch Panel 600 Standard Line |
2025-07-08 12:01:44 UTC |
The Shadowserver (via CIRCL) |
CVE-2023-25135
|
vBulletin before 5.6.9 PL1 allows an unauthenticated remote attacker to execute arbitrary code via a crafted HTTP request that triggers... |
vBulletin |
vBulletin |
2025-07-08 12:01:35 UTC |
The Shadowserver (via CIRCL) |
CVE-2023-34133
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SonicWall GMS and Analytics allows an... |
SonicWall |
GMS, Analytics |
2025-07-08 12:01:28 UTC |
The Shadowserver (via CIRCL) |
CVE-2023-29919
|
SolarView Compact <= 6.0 is vulnerable to Insecure Permissions. Any file on the server can be read or modified because texteditor.php is not... |
n/a |
SolarView Compact |
2025-07-08 12:01:18 UTC |
The Shadowserver (via CIRCL) |
CVE-2023-23333
|
There is a command injection vulnerability in SolarView Compact through 6.00, attackers can execute commands by bypassing internal restrictions... |
SolarView |
Compact |
2025-07-08 12:01:10 UTC |
The Shadowserver (via CIRCL) |
CVE-2023-30625
|
rudder-server vulnerable to SQL Injection |
rudderlabs |
rudder-server |
2025-07-08 12:01:03 UTC |
The Shadowserver (via CIRCL) |
CVE-2022-36509
|
H3C GR3200 MiniGR1B0V100R014 was discovered to contain a command injection vulnerability via the param parameter at DelL2tpLNSList. |
H3C |
GR3200 |
2025-07-08 12:00:53 UTC |
The Shadowserver (via CIRCL) |
CVE-2023-28343
|
OS command injection affects Altenergy Power Control Software C1.2.5 via shell metacharacters in the index.php/management/set_timezone timezone... |
Altenergy |
Power Control Software |
2025-07-08 12:00:42 UTC |
The Shadowserver (via CIRCL) |
CVE-2023-1177
|
Path Traversal: '\..\filename' in mlflow/mlflow |
mlflow |
mlflow/mlflow |
2025-07-08 12:00:35 UTC |
The Shadowserver (via CIRCL) |
CVE-2023-22478
|
KubePi is vulnerable to missing authorization |
KubeOperator |
KubePi |
2025-07-08 12:00:28 UTC |
The Shadowserver (via CIRCL) |