Total
3411 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-18319 | 1 Asuswrt-merlin Project | 28 Rt-ac1900, Rt-ac1900 Firmware, Rt-ac2900 and 25 more | 2024-05-17 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in the Merlin.PHP component 0.6.6 for Asuswrt-Merlin devices. An attacker can execute arbitrary commands because api.php has an eval call, as demonstrated by the /6/api.php?function=command&class=remote&Cc='ls' URI. NOTE: the vendor indicates that Merlin.PHP is designed only for use on a trusted intranet network, and intentionally allows remote code execution | |||||
| CVE-2018-13818 | 1 Symfony | 1 Twig | 2024-05-17 | 7.5 HIGH | 9.8 CRITICAL |
| Twig before 2.4.4 allows Server-Side Template Injection (SSTI) via the search search_key parameter. NOTE: the vendor points out that Twig itself is not a web application and states that it is the responsibility of web applications using Twig to properly wrap input to it | |||||
| CVE-2017-9442 | 1 Bigtreecms | 1 Bigtree Cms | 2024-05-17 | 6.5 MEDIUM | 8.8 HIGH |
| BigTree CMS through 4.2.18 allows remote authenticated users to execute arbitrary code by uploading a crafted package containing a PHP web shell, related to extraction of a ZIP archive to filename patterns such as cache/package/xxx/yyy.php. This issue exists in core\admin\modules\developer\extensions\install\unpack.php and core\admin\modules\developer\packages\install\unpack.php. NOTE: the vendor states "You must implicitly trust any package or extension you install as they all have the ability to write PHP files. | |||||
| CVE-2017-8284 | 1 Qemu | 1 Qemu | 2024-05-17 | 6.9 MEDIUM | 7.0 HIGH |
| The disas_insn function in target/i386/translate.c in QEMU before 2.9.0, when TCG mode without hardware acceleration is used, does not limit the instruction size, which allows local users to gain privileges by creating a modified basic block that injects code into a setuid program, as demonstrated by procmail. NOTE: the vendor has stated "this bug does not violate any security guarantees QEMU makes. | |||||
| CVE-2017-18924 | 1 Oauth2-server Project | 1 Oauth2-server | 2024-05-17 | 5.0 MEDIUM | 7.5 HIGH |
| oauth2-server (aka node-oauth2-server) through 3.1.1 implements OAuth 2.0 without PKCE. It does not prevent authorization code injection. This is similar to CVE-2020-7692. NOTE: the vendor states 'As RFC7636 is an extension, I think the claim in the Readme of "RFC 6749 compliant" is valid and not misleading and I also therefore wouldn't describe this as a "vulnerability" with the library per se. | |||||
| CVE-2017-16871 | 1 Updraftplus | 1 Updraftplus | 2024-05-17 | 6.8 MEDIUM | 8.1 HIGH |
| The UpdraftPlus plugin through 1.13.12 for WordPress allows remote PHP code execution because the plupload_action function in /wp-content/plugins/updraftplus/admin.php has a race condition before deleting a file associated with the name parameter. NOTE: the vendor reports that this does not cross a privilege boundary | |||||
| CVE-2015-10009 | 1 Nonfiction | 1 Nterchange | 2024-05-17 | 5.2 MEDIUM | 9.8 CRITICAL |
| A vulnerability was found in nterchange up to 4.1.0. It has been rated as critical. This issue affects the function getContent of the file app/controllers/code_caller_controller.php. The manipulation of the argument q with the input %5C%27%29;phpinfo%28%29;/* leads to code injection. The exploit has been disclosed to the public and may be used. Upgrading to version 4.1.1 is able to address this issue. The patch is named fba7d89176fba8fe289edd58835fe45080797d99. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217187. | |||||
| CVE-2012-0693 | 1 Whmcs | 1 Whmcompletesolution | 2024-05-17 | 5.0 MEDIUM | N/A |
| submitticket.php in WHMCompleteSolution (WHMCS) 5.03 allows remote attackers to inject arbitrary code into a subject field via crafted ticket data, a different vulnerability than CVE-2011-5061. NOTE: the vendor disputes this issue, noting that some of the details overlap CVE-2011-5061, but that it "says it affects V5.0.3, and the submitticket.php file, both of which are wrong. | |||||
| CVE-2012-0394 | 1 Apache | 1 Struts | 2024-05-17 | 6.8 MEDIUM | N/A |
| The DebuggingInterceptor component in Apache Struts before 2.3.1.1, when developer mode is used, allows remote attackers to execute arbitrary commands via unspecified vectors. NOTE: the vendor characterizes this behavior as not "a security vulnerability itself. | |||||
| CVE-2010-4924 | 1 Clearbudget | 1 Clearbudget | 2024-05-17 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in logic/controller.class.php in clearBudget 0.9.8 allows remote attackers to execute arbitrary PHP code via a URL in the actionPath parameter. NOTE: this issue has been disputed by a reliable third party | |||||
| CVE-2008-6544 | 1 Simple Machines | 1 Simple Machines Forum | 2024-05-17 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Simple Machines Forum (SMF) 1.1.4 allow remote attackers to execute arbitrary PHP code via a URL in the (1) settings[default_theme_dir] parameter to Sources/Subs-Graphics.php and (2) settings[default_theme_dir] parameter to Sources/Themes.php. NOTE: CVE and multiple third parties dispute this issue because the files contain a protection mechanism against direct request | |||||
| CVE-2008-5749 | 2 Google, Microsoft | 2 Chrome, Windows Xp | 2024-05-17 | 6.8 MEDIUM | N/A |
| Argument injection vulnerability in Google Chrome 1.0.154.36 on Windows XP SP3 allows remote attackers to execute arbitrary commands via the --renderer-path option in a chromehtml: URI. NOTE: a third party disputes this issue, stating that Chrome "will ask for user permission" and "cannot launch the applet even [if] you have given out the permission. | |||||
| CVE-2008-2478 | 1 Cpanel | 1 Cpanel | 2024-05-17 | 8.5 HIGH | N/A |
| scripts/wwwacct in cPanel 11.18.6 STABLE and earlier and 11.23.1 CURRENT and earlier allows remote authenticated users with reseller privileges to execute arbitrary code via shell metacharacters in the Email address field (aka Email text box). NOTE: the vendor disputes this, stating "I'm unable to reproduce such an issue on multiple servers running different versions of cPanel. | |||||
| CVE-2008-1467 | 1 Centerim | 1 Centerim | 2024-05-17 | 6.8 MEDIUM | N/A |
| CenterIM 4.22.3 and earlier allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a URI, related to "received URLs in the message window." NOTE: this issue has been disputed due to the user-assisted nature, since the URL must be selected and launched by the victim | |||||
| CVE-2008-1171 | 1 Phpbb | 1 123 Flash Chat Module | 2024-05-17 | 6.8 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in the 123 Flash Chat Module for phpBB allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter to (1) 123flashchat.php and (2) phpbb_login_chat.php. NOTE: CVE disputes this issue because $phpbb_root_path is explicitly set to "./" in both programs | |||||
| CVE-2008-0560 | 1 Contact Forms | 1 Cforms | 2024-05-17 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in cforms-css.php in Oliver Seidel cforms (contactforms), a Wordpress plugin, allows remote attackers to execute arbitrary PHP code via a URL in the tm parameter. NOTE: CVE disputes this issue for 7.3, since there is no tm parameter, and the code exits with a fatal error due to a call to an undefined function | |||||
| CVE-2007-5566 | 1 Phpblog | 1 Phpblog | 2024-05-17 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in PHPBlog 0.1 Alpha allow remote attackers to execute arbitrary PHP code via a URL in the blog_localpath parameter to (1) includes/functions.php or (2) includes/email.php. NOTE: this issue is disputed by CVE because the identified code is in functions that are not accessible via direct request | |||||
| CVE-2007-5565 | 1 Phpscms | 1 Phpscms | 2024-05-17 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in includes/functions.php in phpSCMS 0.0.1-Alpha1 allows remote attackers to execute arbitrary PHP code via a URL in the dir parameter. NOTE: this issue is disputed by CVE because the identified code is in a function that is not accessible via direct request | |||||
| CVE-2007-5389 | 2 Joomla, Swmenupro | 2 Joomla, Swmenufree | 2024-05-17 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in preview.php in the swMenuFree (com_swmenufree) 4.6 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. NOTE: a reliable third party disputes this issue because preview.php tests a certain constant to prevent direct requests | |||||
| CVE-2007-5165 | 1 Myipacng-stats | 1 Myipacng-stats | 2024-05-17 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in init.php in Jens Tkotz myIpacNG-stats (MINGS) 0.05 allows remote attackers to execute arbitrary PHP code via a URL in the MINGS_BASE parameter. NOTE: this issue is disputed by CVE because MINGS_BASE is defined before use | |||||