Created
August 4, 2023 23:05
-
-
Save oghie/eaa4d8ca1b912ca9ee7b3fbf806eb4ad to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| CMS@joomla@joomla\!@*@(Set-Cookie: [a-z0-9]{32}=.*); | |
| CMS@joomla@joomla\!@*@(Set-Cookie: .*=[a-z0-9]{26,32}); | |
| CMS@heartcore@heartcore@*@(Set-Cookie:.*=[A-Z0-9]{32});.* | |
| CMS@heartcore@heartcore@*@(<meta name=["']author["'] content=["']{2}).* | |
| CMS@wordpress@wordpress@*@(X-Pingback):.*xmlrpc.php[\r\n] | |
| CMS@wordpress@wordpress@*@(<body class=["']home ).* | |
| CMS@joomla@[email protected]@(/isis/) | |
| CMS@joomla@[email protected]@(/isis/favicon.ico) | |
| CMS@joomla@[email protected]@(/isis/login.php) | |
| CMS@joomla@[email protected]@(/isis/component.php) | |
| CMS@joomla@[email protected]@(/isis/template_thumbnail.png) | |
| CMS@joomla@[email protected]@(/isis/index.php) | |
| CMS@joomla@[email protected]@(/isis/template_preview.png) | |
| CMS@joomla@[email protected]@(/isis/error.php) | |
| CMS@joomla@[email protected]@(/isis/templateDetails.xml) | |
| CMS@joomla@[email protected]@(/isis/cpanel.php) | |
| CMS@joomla@[email protected]@(/hathor/) | |
| CMS@joomla@[email protected]@(/hathor/favicon.ico) | |
| CMS@joomla@[email protected]@(/hathor/login.php) | |
| CMS@joomla@[email protected]@(/hathor/LICENSE.txt) | |
| CMS@joomla@[email protected]@(/hathor/component.php) | |
| CMS@joomla@[email protected]@(/hathor/template_thumbnail.png) | |
| CMS@joomla@[email protected]@(/hathor/index.php) | |
| CMS@joomla@[email protected]@(/hathor/template_preview.png) | |
| CMS@joomla@[email protected]@(/hathor/error.php) | |
| CMS@joomla@[email protected]@(/hathor/templateDetails.xml) | |
| CMS@joomla@[email protected]@(/hathor/cpanel.php) | |
| CMS@joomla@[email protected]@(/logs/) | |
| CMS@joomla@[email protected]@(/logs/index.html) | |
| CMS@joomla@[email protected]@(/cache/) | |
| CMS@joomla@[email protected]@(/cache/index.html) | |
| CMS@joomla@[email protected]@(/overrides/) | |
| CMS@joomla@[email protected]@(/overrides/index.html) | |
| CMS@joomla@[email protected]@(/isis/html/) | |
| CMS@joomla@[email protected]@(/isis/html/editor_content.css) | |
| CMS@joomla@[email protected]@(/isis/html/pagination.php) | |
| CMS@joomla@[email protected]@(/isis/html/modules.php) | |
| CMS@joomla@[email protected]@(/html/) | |
| CMS@joomla@[email protected]@(/html/editor_content.css) | |
| CMS@joomla@[email protected]@(/html/pagination.php) | |
| CMS@joomla@[email protected]@(/html/modules.php) | |
| CMS@joomla@[email protected]@(/html/modules.php) | |
| CMS@Oracle@[email protected]@(/console/login/LoginForm.jsp) | |
| CMS@Oracle@[email protected]@(/console/login/LoginForm.jsp) | |
| CMS@Oracle@[email protected]@(/console/login/LoginForm.jsp) | |
| CMS@prestashop@PrestaShop@*@(/modules/columnadverts/) | |
| CMS@prestashop@PrestaShop@*@(/modules/soopabanners/) | |
| CMS@prestashop@PrestaShop@*@(/modules/soopabanners/) | |
| CMS@prestashop@PrestaShop@*@(/modules/simpleslideshow/) | |
| CMS@prestashop@PrestaShop@*@(/modules/productpageadverts/) | |
| CMS@prestashop@PrestaShop@*@(/modules/homepageadvertise2/) | |
| CMS@prestashop@PrestaShop@*@(/modules/jro_homepageadvertise/) | |
| CMS@prestashop@PrestaShop@*@(/modules/attributewizardpro/) | |
| CMS@prestashop@PrestaShop@*@(/modules/1attributewizardpro/) | |
| CMS@prestashop@PrestaShop@*@(/modules/attributewizardpro.OLD/) | |
| CMS@prestashop@PrestaShop@*@(/modules/attributewizardpro_x/) | |
| CMS@prestashop@PrestaShop@*@(/modules/advancedslider/) | |
| CMS@prestashop@PrestaShop@*@(/modules/cartabandonmentpro/) | |
| CMS@prestashop@PrestaShop@*@(/modules/cartabandonmentproOld/) | |
| CMS@prestashop@PrestaShop@*@(/modules/videostab/) | |
| CMS@prestashop@PrestaShop@*@(/modules//wg24themeadministration/) | |
| CMS@prestashop@PrestaShop@*@(/modules/fieldvmegamenu/) | |
| CMS@prestashop@PrestaShop@*@(/modules/wdoptionpanel/) | |
| CMS@prestashop@PrestaShop@*@(/modules/pk_flexmenu/) | |
| CMS@prestashop@PrestaShop@*@(/modules/pk_vertflexmenu/) | |
| CMS@prestashop@PrestaShop@*@(/modules/nvn_export_orders/) | |
| CMS@prestashop@PrestaShop@*@(/modules/tdpsthemeoptionpanel/) | |
| CMS@prestashop@PrestaShop@*@(/modules/lib/redactor/) | |
| CMS@ActualAnalyzer@ActualAnalyzer@*@(/ActualAnalyzer) | |
| CMS@aerohive@[email protected]@(/action="login\.php5\?version=(.*?)"/) | |
| CMS@ajenti@[email protected]@(/ajenti/) | |
| CMS@arkeia@Western@*@*@* | |
| CMS@AWStats configdir Remote Command Execution@*@*@* | |
| CMS@AWStats migrate Remote Command Execution@*@*@* | |
| CMS@AWStats Totals multisort Remote Command Execution@*@*@* | |
| CMS@Barracuda IMG.PL Remote Command Execution@*@*@* | |
| CMS@BASE base_qry_common Remote File Include@*@*@* | |
| CMS@Basilic 1.5.14 diff.php Arbitrary Command Execution@*@*@* | |
| CMS@bolt@[email protected]@* | |
| CMS@Cacti graph_view.php Remote Command Execution@*@*@* | |
| CMS@CakePHP Cache Corruption Code Execution@*@*@* | |
| CMS@Carberp Web Panel C2 Backdoor Remote PHP Code Execution@*@*@* | |
| CMS@Citrix Access Gateway Command Execution@*@*@* | |
| CMS@ClipBucket Remote Code Execution@*@*@* | |
| CMS@Coppermine Photo Gallery picEditor.php Command Execution@*@*@* | |
| CMS@DataLife Engine preview.php PHP Code Injection@*@*@* | |
| CMS@Dogfood CRM spell.php Remote Command Execution@*@*@* | |
| CMS@Drupal CODER Module Remote Command Execution@*@*@* | |
| CMS@Drupal Drupalgeddon 2 Forms API Property Injection@*@*@* | |
| CMS@Drupal RESTWS Module Remote PHP Code Execution@*@*@* | |
| CMS@Drupal RESTful Web Services unserialize() RCE@*@*@* | |
| CMS@EGallery PHP File Upload Vulnerability@*@*@* | |
| CMS@elFinder PHP Connector exiftran Command Injection@*@*@* | |
| CMS@FlashChat Arbitrary File Upload@*@*@* | |
| CMS@Foswiki MAKETEXT Remote Command Execution@*@*@* | |
| CMS@FreePBX config.php Remote Code Execution@*@*@* | |
| CMS@FusionPBX Command exec.php Command Execution@*@*@* | |
| CMS@FusionPBX Operator Panel exec.php Command Execution@*@*@* | |
| CMS@Generic Web Application Unix Command Execution@*@*@* | |
| CMS@GetSimpleCMS PHP File Upload Vulnerability@*@*@* | |
| CMS@Graphite Web Unsafe Pickle Handling@*@*@* | |
| CMS@Matt Wright guestbook.pl Arbitrary Command Execution@*@*@* | |
| CMS@Hastymail 2.1.1 RC1 Command Injection@*@2.1.1@* | |
| CMS@Havalite CMS Arbitary File Upload Vulnerability@*@*@* | |
| CMS@Horde Framework Unserialize PHP Code Execution@*@*@* | |
| CMS@HybridAuth install.php PHP Code Execution@*@*@* | |
| CMS@InstantCMS 1.6 Remote PHP Code Execution@*@*@* | |
| CMS@Invision IP.Board unserialize() PHP Code Execution@*@*@* | |
| CMS@Joomla Akeeba Kickstart Unserialize Remote Code Execution@*@*@* | |
| CMS@Joomla Component Fields SQLi Remote Code Execution@*@*@* | |
| CMS@Joomla Component JCE File Upload Remote Code Execution@*@*@* | |
| CMS@Joomla Content History SQLi Remote Code Execution@*@*@* | |
| CMS@Joomla Media Manager File Upload Vulnerability@*@*@* | |
| CMS@joomla@[email protected]@(plugins/editors/tinymce/jscripts/tiny_mce/plugins/tinybrowser) | |
| CMS@blueimp's jQuery (Arbitrary) File Upload@*@*@* | |
| CMS@Kimai v0.9.2 'db_restore.php' SQL Injection@*@*@* | |
| CMS@LibrettoCMS File Manager Arbitary File Upload Vulnerability@*@*@* | |
| CMS@Maarch LetterBox Unrestricted File Upload@*@*@* | |
| CMS@Mambo Cache_Lite Class mosConfig_absolute_path Remote File Include@*@*@* | |
| CMS@Mitel Audio and Web Conferencing Command Injection@*@*@* | |
| CMS@MoinMoin twikidraw Action Traversal File Upload@*@*@* | |
| CMS@myBB 1.6.4 Backdoor Arbitrary Command Execution@*@*@* | |
| CMS@Nagios3 history.cgi Host Command Execution@*@*@* | |
| CMS@Nagios3 statuswml.cgi Ping Command Execution@*@*@* | |
| CMS@Nagios XI Network Monitor Graph Explorer Component Command Injection@*@*@* | |
| CMS@Narcissus Image Configuration Passthru Vulnerability@*@*@* | |
| CMS@Open Flash Chart v2 Arbitrary File Upload@*@*@* | |
| CMS@OpenEMR 4.1.1 Patch 14 SQLi Privilege Escalation Remote Code Execution@*@*@* | |
| CMS@OpenEMR PHP File Upload Vulnerability@*@*@* | |
| CMS@OpenMediaVault rpc.php Authenticated PHP Code Injection@*@*@* | |
| CMS@OpenNetAdmin Ping Command Injection@*@*@* | |
| CMS@openSIS Unauthenticated PHP Code Execution@*@*@* | |
| CMS@OpenSIS 'modname' PHP Code Execution@*@*@* | |
| CMS@HP Openview connectedNodes.ovpl Remote Command Execution@*@*@* | |
| CMS@OpenX banner-edit.php File Upload PHP Code Execution@*@*@* | |
| CMS@Oracle VM Server Virtual Server Agent Command Injection@*@*@* | |
| CMS@osCommerce 2.2 Arbitrary PHP Code Execution@*@*@* | |
| CMS@PAJAX Remote Command Execution@*@*@* | |
| CMS@PHP-Charts v1.0 PHP Code Execution Vulnerability@*@*@* | |
| CMS@Generic PHP Code Evaluation@*@*@* | |
| CMS@PHP Remote File Include Generic Code Execution@*@*@* | |
| CMS@vBulletin misc.php Template Name Arbitrary Code Execution@*@*@* | |
| CMS@PHP XML-RPC Arbitrary Code Execution@*@*@* | |
| CMS@phpBB viewtopic.php Arbitrary Code Execution@*@*@* | |
| CMS@phpCollab 2.5.1 Unauthenticated File Upload@*@*@* | |
| CMS@PhpMyAdmin Config File Code Injection@*@*@* | |
| CMS@Piwik Superuser Plugin Upload@*@*@* | |
| CMS@Project Pier Arbitrary File Upload Vulnerability@*@*@* | |
| CMS@ProjectSend Arbitrary File Upload@*@*@* | |
| CMS@QuickTime Streaming Server parse_xml.cgi Remote Execution@*@*@* | |
| CMS@rConfig install Command Execution@*@*@* | |
| CMS@Redmine SCM Repository Arbitrary Command Execution@*@*@* | |
| CMS@SePortal SQLi Remote Code Execution@*@*@* | |
| CMS@Simple E-Document Arbitrary File Upload@*@*@* | |
| CMS@SixApart MovableType Storable Perl Code Execution@*@*@* | |
| CMS@SkyBlueCanvas CMS Remote Code Execution@*@*@* | |
| CMS@Simple PHP Blog Remote Command Execution@*@*@* | |
| CMS@SPIP connect Parameter PHP Injection@*@*@* | |
| CMS@SPIP form PHP Injection@*@*@* | |
| CMS@Squash YAML Code Execution@*@*@* | |
| CMS@SquirrelMail PGP Plugin Command Execution (SMTP)@*@*@* | |
| CMS@SugarCRM REST Unserialize PHP Code Execution@*@*@* | |
| CMS@SugarCRM unserialize() PHP Code Execution@*@*@* | |
| CMS@ThinkPHP Multiple PHP Injection RCEs@*@*@* | |
| CMS@TikiWiki tiki-graph_formula Remote PHP Code Execution@*@*@* | |
| CMS@TikiWiki jhot Remote Command Execution@*@*@* | |
| CMS@Tiki Wiki unserialize() PHP Code Execution@*@*@* | |
| CMS@Tiki Wiki Unauthenticated File Upload Vulnerability@*@*@* | |
| CMS@TrixBox CE endpoint_devicemap.php Authenticated Command Execution@*@*@* | |
| CMS@Trixbox langChoice PHP Local File Inclusion@*@*@* | |
| CMS@Tuleap 9.6 Second-Order PHP Object Injection@*@*@* | |
| CMS@Tuleap PHP Unserialize Code Execution@*@*@* | |
| CMS@TWiki History TWikiUsers rev Parameter Command Execution@*@*@* | |
| CMS@TWiki MAKETEXT Remote Command Execution@*@*@* | |
| CMS@TWiki Search Function Arbitrary Command Execution@*@*@* | |
| CMS@vBulletin index.php/ajax/api/reputation/vote nodeid Parameter SQL Injection@*@*@* | |
| CMS@VICIdial Manager Send OS Command Injection@*@*@* | |
| CMS@VICIdial user_authorization Unauthenticated Command Execution@*@*@* | |
| CMS@Webmin /file/show.cgi Remote Command Execution@*@*@* | |
| CMS@Webmin Upload Authenticated RCE@*@*@* | |
| CMS@WebTester 5.x Command Execution@*@*@* | |
| CMS@WordPress Admin Shell Upload@*@*@* | |
| CMS@WordPress Plugin Advanced Custom Fields Remote File Inclusion@*@*@* | |
| CMS@Wordpress Ajax Load More PHP Upload Vulnerability@*@*@* | |
| CMS@WordPress Asset-Manager PHP File Upload Vulnerability@*@*@* | |
| CMS@Wordpress Creative Contact Form Upload Vulnerability@*@*@* | |
| CMS@Wordpress Download Manager (download-manager) Unauthenticated File Upload@*@*@* | |
| CMS@WordPress WP EasyCart Unrestricted File Upload@*@*@* | |
| CMS@WordPress Plugin Foxypress uploadify.php Arbitrary Code Execution@*@*@* | |
| CMS@Wordpress Front-end Editor File Upload@*@*@* | |
| CMS@WordPress Plugin Google Document Embedder Arbitrary File Disclosure@*@*@* | |
| CMS@WordPress Holding Pattern Theme Arbitrary File Upload@*@*@* | |
| CMS@Wordpress InBoundio Marketing PHP Upload Vulnerability@*@*@* | |
| CMS@WordPress InfiniteWP Client Authentication Bypass@*@*@* | |
| CMS@Wordpress InfusionSoft Upload Vulnerability@*@*@* | |
| CMS@WordPress cache_lastpostdate Arbitrary Code Execution@*@*@* | |
| CMS@WordPress WP Mobile Detector 3.5 Shell Upload@*@*@* | |
| CMS@Wordpress N-Media Website Contact Form Upload Vulnerability@*@*@* | |
| CMS@WordPress OptimizePress Theme File Upload Vulnerability@*@*@* | |
| CMS@WordPress Photo Gallery Unrestricted File Upload@*@*@* | |
| CMS@WordPress PHPMailer Host Header Command Injection@*@*@* | |
| CMS@WordPress Plugin Pie Register Auth Bypass to RCE@*@*@* | |
| CMS@WordPress Pixabay Images PHP Code Upload@*@*@* | |
| CMS@Wordpress Plainview Activity Monitor RCE@*@*@* | |
| CMS@WordPress Platform Theme File Upload Vulnerability@*@*@* | |
| CMS@WordPress WP-Property PHP File Upload Vulnerability@*@*@* | |
| CMS@Wordpress Reflex Gallery Upload Vulnerability@*@*@* | |
| CMS@WordPress RevSlider File Upload and Execute Vulnerability@*@*@* | |
| CMS@Wordpress SlideShow Gallery Authenticated File Upload@*@*@* | |
| CMS@WordPress WP Symposium 14.11 Shell Upload@*@*@* | |
| CMS@WordPress W3 Total Cache PHP Code Execution@*@*@* | |
| CMS@Wordpress Work The Flow Upload Vulnerability@*@*@* | |
| CMS@WordPress wpDiscuz Unauthenticated File Upload Vulnerability@*@*@* | |
| CMS@WordPress WPshop eCommerce Arbitrary File Upload Vulnerability@*@*@* | |
| CMS@WordPress WPTouch Authenticated File Upload@*@*@* | |
| CMS@Wordpress MailPoet Newsletters (wysija-newsletters) Unauthenticated File Upload@*@*@* | |
| CMS@XODA 0.4.5 Arbitrary PHP File Upload Vulnerability@*@*@* | |
| CMS@Xymon useradm Command Execution@*@*@* | |
| CMS@ZeroShell Remote Code Execution@*@*@* | |
| CMS@Zimbra Collaboration Server LFI@*@*@* | |
| CMS@ZoneMinder Language Settings Remote Code Execution@*@*@* | |
| CMS@ZoneMinder Video Server packageControl Command Execution@*@*@* | |
| CMS@ZPanel 10.0.0.2 htpasswd Module Username Command Execution@*@*@* | |
| CMS@Active Collab \@*@*@*chat module\@*@*@* Remote PHP Code Injection Exploit@*@*@* | |
| CMS@Adobe ColdFusion Unauthenticated Remote Code Execution@*@*@* | |
| CMS@Agent Tesla Panel Remote Code Execution@*@*@* | |
| CMS@AjaXplorer checkInstall.php Remote Command Execution@*@*@* | |
| CMS@ActiveMQ web shell upload@*@*@* | |
| CMS@APISIX Admin API default access token RCE@*@*@* | |
| CMS@Apache Couchdb Erlang RCE@*@*@* | |
| CMS@Apache Druid JNDI Injection RCE@*@*@* | |
| CMS@Apache Flink JAR Upload Java Code Execution@*@*@* | |
| CMS@Apache Jetspeed Arbitrary File Upload@*@*@* | |
| CMS@Apache mod_cgi Bash Environment Variable Code Injection (Shellshock)@*@*@* | |
| CMS@Apache NiFi API Remote Code Execution@*@*@* | |
| CMS@Apache 2.4.49/2.4.50 Traversal RCE@*@*@* | |
| CMS@Apache RocketMQ update config RCE@*@*@* | |
| CMS@Apache Roller OGNL Injection@*@*@* | |
| CMS@appRain CMF Arbitrary PHP File Upload Vulnerability@*@*@* | |
| CMS@Atlassian Confluence Namespace OGNL Injection@*@*@* | |
| CMS@Atlassian Confluence WebWork OGNL Injection@*@*@* | |
| CMS@Atlassian Crowd pdkinstall Unauthenticated Plugin Upload RCE@*@*@* | |
| CMS@ATutor@*@2.2.1@* | |
| CMS@ATutor@*@2.2.4@* | |
| CMS@Auxilium RateMyPet Arbitrary File Upload Vulnerability@*@*@* | |
| CMS@Axis2 / SAP BusinessObjects Authenticated Code Execution (via SOAP)@*@*@* | |
| CMS@Baldr Botnet Panel Shell Upload Exploit@*@*@* | |
| CMS@Bassmaster Batch Arbitrary JavaScript Injection Remote Code Execution@*@*@* | |
| CMS@Bitbucket Environment Variable RCE@*@*@* | |
| CMS@CMS Bolt File Upload Vulnerability@*@*@* | |
| CMS@BuilderEngine Arbitrary File Upload Vulnerability and execution@*@*@* | |
| CMS@China Chopper Caidao PHP Backdoor Code Execution@*@*@* | |
| CMS@ChurchInfo 1.2.13-1.3.0 Authenticated RCE@*@*@* | |
| CMS@Cisco Prime Data Center Network Manager Arbitrary File Upload@*@*@* | |
| CMS@Cisco Data Center Network Manager Unauthenticated Remote Code Execution@*@*@* | |
| CMS@ClipBucket beats_uploader Unauthenticated Arbitrary File Upload@*@*@* | |
| CMS@CMS Made Simple Authenticated RCE via object injection@*@*@* | |
| CMS@CMS Made Simple (CMSMS) Showtime2 File Upload RCE@*@*@* | |
| CMS@CMS Made Simple Authenticated RCE via File Upload/Copy@*@*@* | |
| CMS@Cockpit CMS NoSQLi to RCE@*@*@* | |
| CMS@Adobe ColdFusion CKEditor unrestricted file upload@*@*@* | |
| CMS@Adobe ColdFusion RDS Authentication Bypass@*@*@* | |
| CMS@Atlassian Confluence Widget Connector Macro Velocity Template Injection@*@*@* | |
| CMS@CUPS Filter Bash Environment Variable Code Injection (Shellshock)@*@*@* | |
| CMS@CuteFlow v2.11.2 Arbitrary File Upload Vulnerability@*@*@* | |
| CMS@ForgeRock / OpenAM Jato Java Deserialization@*@*@* | |
| CMS@Dexter (CasinoLoader) SQL Injection@*@*@* | |
| CMS@DotCMS RCE via Arbitrary File Upload.@*@*@* | |
| CMS@Drupal HTTP Parameter Key/Value SQL Injection@*@*@* | |
| CMS@Network Shutdown Module (sort_values) Remote PHP Code Injection@*@*@* | |
| CMS@ManageEngine Eventlog Analyzer Arbitrary File Upload@*@*@* | |
| CMS@eXtplorer v2.1 Arbitrary File Upload Vulnerability@*@*@* | |
| CMS@Family Connections less.php Remote Command Execution@*@*@* | |
| CMS@Fortra GoAnywhere MFT Unsafe Deserialization RCE@*@*@* | |
| CMS@FreeNAS exec_raw.php Arbitrary Command Execution@*@*@* | |
| CMS@GestioIP Remote Command Execution@*@*@* | |
| CMS@GetSimpleCMS Unauthenticated RCE@*@*@* | |
| CMS@Malicious Git and Mercurial HTTP Server For CVE-2014-9390@*@*@* | |
| CMS@Git LFS Clone Command Exec@*@*@* | |
| CMS@Malicious Git HTTP Server For CVE-2017-1000117@*@*@* | |
| CMS@Malicious Git HTTP Server For CVE-2018-17456@*@*@* | |
| CMS@Gitea Git Fetch Remote Code Execution@*@*@* | |
| CMS@Gitea Git Hooks Remote Code Execution@*@*@* | |
| CMS@GitLab Unauthenticated Remote ExifTool Command Injection@*@*@* | |
| CMS@GitLab File Read Remote Code Execution@*@*@* | |
| CMS@GitLab GitHub Repo Import Deserialization RCE@*@*@* | |
| CMS@Gitlab-shell Code Execution@*@*@* | |
| CMS@GitList v0.6.0 Argument Injection Vulnerability@*@*@* | |
| CMS@Gitorious Arbitrary Command Execution@*@*@* | |
| CMS@Sun/Oracle GlassFish Server Authenticated Code Execution@*@*@* | |
| CMS@Glossword v1.8.8 - 1.8.12 Arbitrary File Upload Vulnerability@*@*@* | |
| CMS@GLPI install.php Remote Command Execution@*@*@* | |
| CMS@Gogs Git Hooks Remote Code Execution@*@*@* | |
| CMS@Horde CSV import arbitrary PHP code execution@*@*@* | |
| CMS@Horde Form File Upload Vulnerability@*@*@* | |
| CMS@Horde 3.3.12 Backdoor Arbitrary PHP Code Execution@*@*@* | |
| CMS@HorizontCMS Arbitrary PHP File Upload@*@*@* | |
| CMS@HP SiteScope issueSiebelCmd Remote Code Execution@*@*@* | |
| CMS@HP SiteScope Remote Code Execution@*@*@* | |
| CMS@HP System Management Homepage JustGetSNMPQueue Command Injection@*@*@* | |
| CMS@VMware Hyperic HQ Groovy Script-Console Java Execution@*@*@* | |
| CMS@IBM OpenAdmin Tool SOAP welcomeServer PHP Code Execution@*@*@* | |
| CMS@ISPConfig Authenticated Arbitrary PHP Code Execution@*@*@* | |
| CMS@JBoss JMX Console Beanshell Deployer WAR Upload and Deployment@*@*@* | |
| CMS@JBoss Java Class DeploymentFileRepository WAR Deployment@*@*@* | |
| CMS@JBoss DeploymentFileRepository WAR Deployment (via JMXInvokerServlet)@*@*@* | |
| CMS@JBoss JMX Console Deployer Upload and Execute@*@*@* | |
| CMS@JBoss Seam 2 File Upload and Execute@*@*@* | |
| CMS@Jenkins ACL Bypass and Metaprogramming RCE@*@*@* | |
| CMS@Jenkins-CI Script-Console Java Execution@*@*@* | |
| CMS@Jenkins XStream Groovy classpath Deserialization Vulnerability@*@*@* | |
| CMS@Atlassian HipChat for Jira Plugin Velocity Template Injection@*@*@* | |
| CMS@Atlassian Jira Authenticated Upload Code Execution@*@*@* | |
| CMS@Joomla HTTP Header Unauthenticated Remote Code Execution@*@*@* | |
| CMS@Kong Gateway Admin API Remote Code Execution@*@*@* | |
| CMS@Kordil EDMS v2.2.60rc3 Unauthenticated Arbitrary File Upload Vulnerability@*@*@* | |
| CMS@LotusCMS 3.0 eval() Remote Command Execution@*@*@* | |
| CMS@Liferay Portal Java Unmarshalling via JSONWS RCE@*@*@* | |
| CMS@Log1 CMS writeInfo() PHP Code Injection@*@*@* | |
| CMS@Log4Shell HTTP Header Injection@*@*@* | |
| CMS@Lucee Authenticated Scheduled Job Code Execution@*@*@* | |
| CMS@Magento 2.0.6 Unserialize Remote Code Execution@*@*@* | |
| CMS@Mako Server v2.5, 2.6 OS Command Injection RCE@*@*@* | |
| CMS@ManageEngine Desktop Central / Password Manager LinkViewFetchServlet.dat SQL Injection@*@*@* | |
| CMS@ManageEngine ADSelfService Plus Unauthenticated SAML RCE@*@*@* | |
| CMS@ManageEngine Multiple Products Authenticated File Upload@*@*@* | |
| CMS@ManageEngine ServiceDesk Plus Arbitrary File Upload@*@*@* | |
| CMS@ManageEngine Security Manager Plus 5.5 Build 5505 SQL Injection@*@*@* | |
| CMS@ManageEngine ServiceDesk Plus Unauthenticated SAML RCE@*@*@* | |
| CMS@Mantis manage_proj_page PHP Code Execution@*@*@* | |
| CMS@MantisBT XmlImportExport Plugin PHP Code Injection Vulnerability@*@*@* | |
| CMS@MaraCMS Arbitrary PHP File Upload@*@*@* | |
| CMS@MediaWiki SyntaxHighlight extension option injection vulnerability@*@*@* | |
| CMS@MediaWiki Thumb.php Remote Command Execution@*@*@* | |
| CMS@Metasploit Web UI Static secret_key_base Value@*@*@* | |
| CMS@Metasploit Web UI Diagnostic Console Command Execution@*@*@* | |
| CMS@Micro Focus Operations Bridge Manager Authenticated Remote Code Execution@*@*@* | |
| CMS@Micro Focus UCMDB Java Deserialization Unauthenticated Remote Code Execution@*@*@* | |
| CMS@Th3 MMA mma.php Backdoor Arbitrary File Upload@*@*@* | |
| CMS@MobileCartly 1.0 Arbitrary File Creation Vulnerability@*@*@* | |
| CMS@Monitorr unauthenticated Remote Code Execution (RCE)@*@*@* | |
| CMS@Monstra CMS Authenticated Arbitrary File Upload@*@*@* | |
| CMS@Moodle Admin Shell Upload@*@*@* | |
| CMS@Moodle Authenticated Spelling Binary RCE@*@*@* | |
| CMS@Moodle SpellChecker Path Authenticated Remote Command Execution@*@*@* | |
| CMS@Moodle Teacher Enrollment Privilege Escalation to RCE@*@*@* | |
| CMS@Movable Type 4.2x, 4.3x Web Upgrade Remote Code Execution@*@*@* | |
| CMS@Mutiny Remote Command Execution@*@*@* | |
| CMS@MyBB Admin Control Code Injection RCE@*@*@* | |
| CMS@NAS4Free Arbitrary Remote Code Execution@*@*@* | |
| CMS@Navigate CMS Unauthenticated Remote Code Execution@*@*@* | |
| CMS@Netwin SurgeFTP Remote Command Execution@*@*@* | |
| CMS@Nibbleblog File Upload Vulnerability@*@*@* | |
| CMS@Nostromo Directory Traversal Remote Command Execution@*@*@* | |
| CMS@Novell ServiceDesk Authenticated File Upload@*@*@* | |
| CMS@NUUO NVRmini upgrade_handle.php Remote Command Execution@*@*@* | |
| CMS@October CMS Upload Protection Bypass Code Execution@*@*@* | |
| CMS@OP5 license.php Remote Command Execution@*@*@* | |
| CMS@OP5 welcome Remote Command Execution@*@*@* | |
| CMS@Open Web Analytics 1.7.3 - Remote Code Execution (RCE)@*@*@* | |
| CMS@Openfire Admin Console Authentication Bypass@*@*@* | |
| CMS@Openfire authentication bypass with RCE plugin@*@*@* | |
| CMS@OpenMediaVault Cron Remote Command Execution@*@*@* | |
| CMS@OpenMRS Java Deserialization RCE@*@*@* | |
| CMS@OpenX Backdoor PHP Code Execution@*@*@* | |
| CMS@ManageEngine OpManager and Social IT Arbitrary File Upload@*@*@* | |
| CMS@ManageEngine OpManager SumPDU Java Deserialization@*@*@* | |
| CMS@Oracle ATS Arbitrary File Upload@*@*@* | |
| CMS@Oracle Forms and Reports Remote Code Execution@*@*@* | |
| CMS@Oracle WebLogic wls-wsat Component Deserialization RCE@*@*@* | |
| CMS@OrientDB 2.2.x Remote Code Execution@*@*@* | |
| CMS@osCommerce Installer Unauthenticated Code Execution@*@*@* | |
| CMS@Pandora FMS v3.1 Auth Bypass and Arbitrary File Upload Vulnerability@*@*@* | |
| CMS@PaperCut PaperCutNG Authentication Bypass@*@*@* | |
| CMS@Pentaho Business Server Auth Bypass and Server Side Template Injection RCE@*@*@* | |
| CMS@Phoenix Exploit Kit Remote Code Execution@*@*@* | |
| CMS@PHP CGI Argument Injection@*@*@* | |
| CMS@PHP-FPM Underflow RCE@*@*@* | |
| CMS@PHP Utility Belt Remote Code Execution@*@*@* | |
| CMS@PHP Volunteer Management System v1.0.2 Arbitrary File Upload Vulnerability@*@*@* | |
| CMS@phpFileManager 0.9.8 Remote Code Execution@*@*@* | |
| CMS@phpLDAPadmin query_engine Remote PHP Code Injection@*@*@* | |
| CMS@PHPMailer Sendmail Argument Injection@*@*@* | |
| CMS@PHPMoAdmin 1.1.2 Remote Code Execution@*@*@* | |
| CMS@phpMyAdmin 3.5.2.2 server_sync.php Backdoor@*@*@* | |
| CMS@phpMyAdmin Authenticated Remote Code Execution@*@*@* | |
| CMS@phpMyAdmin Authenticated Remote Code Execution@*@*@* | |
| CMS@phpMyAdmin Authenticated Remote Code Execution via preg_replace()@*@*@* | |
| CMS@phpScheduleIt PHP reserve.php start_date Parameter Arbitrary Code Injection@*@*@* | |
| CMS@PHPStudy Backdoor Remote Code execution@*@*@* | |
| CMS@PhpTax pfilez Parameter Exec Remote Code Injection@*@*@* | |
| CMS@Phpwiki Ploticus Remote Code Execution@*@*@* | |
| CMS@Pimcore Unserialize RCE@*@*@* | |
| CMS@PlaySMS sendfromfile.php Authenticated \@*@*@*Filename\@*@*@* Field Code Execution@*@*@* | |
| CMS@PlaySMS index.php Unauthenticated Template Injection Code Execution@*@*@* | |
| CMS@PlaySMS import.php Authenticated CSV File Upload Code Execution@*@*@* | |
| CMS@Plone and Zope XMLTools Remote Command Execution@*@*@* | |
| CMS@PmWiki pagelist.php Remote PHP Code Injection Exploit@*@*@* | |
| CMS@PolarBear CMS PHP File Upload Vulnerability@*@*@* | |
| CMS@ProcessMaker Open Source Authenticated PHP Code Execution@*@*@* | |
| CMS@ProcessMaker Plugin Upload@*@*@* | |
| CMS@qdPM 9.1 Authenticated Arbitrary PHP File Upload (RCE)@*@*@* | |
| CMS@qdPM v7 Arbitrary PHP File Upload Vulnerability@*@*@* | |
| CMS@Ruby on Rails ActionPack Inline ERB Code Execution@*@*@* | |
| CMS@Ruby On Rails DoubleTap Development Mode secret_key_base Vulnerability@*@*@* | |
| CMS@Ruby on Rails Dynamic Render File Upload Remote Code Execution@*@*@* | |
| CMS@Ruby on Rails JSON Processor YAML Deserialization Code Execution@*@*@* | |
| CMS@Ruby on Rails Known Secret Session Cookie Remote Code Execution@*@*@* | |
| CMS@Ruby on Rails Web Console (v2) Whitelist Bypass Code Execution@*@*@* | |
| CMS@Ruby on Rails XML Processor YAML Deserialization Code Execution@*@*@* | |
| CMS@Rocket Servergraph Admin Center fileRequestor Remote Code Execution@*@*@* | |
| CMS@Rudder Server SQLI Remote Code Execution@*@*@* | |
| CMS@Sflog! CMS 1.0 Arbitrary File Upload Vulnerability@*@*@* | |
| CMS@Apache Shiro v1.2.4 Cookie RememberME Deserial RCE@*@*@* | |
| CMS@Shopware createInstanceFromNamedArguments PHP Object Instantiation RCE@*@*@* | |
| CMS@Simple Backdoor Shell Remote Code Execution@*@*@* | |
| CMS@Support Incident Tracker Remote Command Execution@*@*@* | |
| CMS@Snortreport nmap.php/nbtscan.php Remote Command Execution@*@*@* | |
| CMS@SolarWinds Storage Manager Authentication Bypass@*@*@* | |
| CMS@Apache Solr Remote Code Execution via Velocity Template@*@*@* | |
| CMS@SonicWALL GMS 6 Arbitrary File Upload@*@*@* | |
| CMS@Dell SonicWALL Scrutinizer 11.01 methodDetail SQL Injection@*@*@* | |
| CMS@Splunk Search Remote Code Execution@*@*@* | |
| CMS@Splunk Custom App Remote Code Execution@*@*@* | |
| CMS@Spreecommerce 0.60.1 Arbitrary Command Execution@*@*@* | |
| CMS@Spreecommerce Arbitrary Command Execution@*@*@* | |
| CMS@Spring Cloud Function SpEL Injection@*@*@* | |
| CMS@Spring Framework Class property RCE (Spring4Shell)@*@*@* | |
| CMS@Apache Struts 2 Struts 1 Plugin Showcase OGNL Code Execution@*@*@* | |
| CMS@Apache Struts Jakarta Multipart Parser OGNL Injection@*@*@* | |
| CMS@Apache Struts 2 Forced Multi OGNL Evaluation@*@*@* | |
| CMS@Apache Struts 2 Namespace Redirect OGNL Injection@*@*@* | |
| CMS@Apache Struts 2 REST Plugin XStream RCE@*@*@* | |
| CMS@Apache Struts Remote Command Execution@*@*@* | |
| CMS@Apache Struts ClassLoader Manipulation Remote Code Execution@*@*@* | |
| CMS@Apache Struts Remote Command Execution@*@*@* | |
| CMS@Apache Struts ParametersInterceptor Remote Code Execution@*@*@* | |
| CMS@Apache Struts 2 DefaultActionMapper Prefixes OGNL Code Execution@*@*@* | |
| CMS@Apache Struts 2 Developer Mode OGNL Execution@*@*@* | |
| CMS@Apache Struts Dynamic Method Invocation Remote Code Execution@*@*@* | |
| CMS@Apache Struts REST Plugin With Dynamic Method Invocation Remote Code Execution@*@*@* | |
| CMS@Apache Struts includeParams Remote Code Execution@*@*@* | |
| CMS@STUNSHELL Web Shell Remote PHP Code Execution@*@*@* | |
| CMS@STUNSHELL Web Shell Remote Code Execution@*@*@* | |
| CMS@Intelliants Subrion CMS 4.2.1 - Authenticated File Upload Bypass to RCE@*@*@* | |
| CMS@SugarCRM unauthenticated Remote Code Execution (RCE)@*@*@* | |
| CMS@Sun Java System Web Server WebDAV OPTIONS Buffer Overflow@*@*@* | |
| CMS@SysAid Help Desk Administrator Portal Arbitrary File Upload@*@*@* | |
| CMS@SysAid Help Desk 'rdslogs' Arbitrary File Upload@*@*@* | |
| CMS@TestLink v1.9.3 Arbitrary File Upload Vulnerability@*@*@* | |
| CMS@Tomcat RCE via JSP Upload Bypass@*@*@* | |
| CMS@Apache Tomcat Manager Application Deployer Authenticated Code Execution@*@*@* | |
| CMS@Apache Tomcat Manager Authenticated Upload Code Execution@*@*@* | |
| [email protected] CMS 12 Widget JavaScript Code Injection@*@*@* | |
| CMS@Traq admincp/common.php Remote Code Execution@*@*@* | |
| CMS@Trend Micro Threat Discovery Appliance admin_sys_time.cgi Remote Command Execution@*@*@* | |
| CMS@UniFi Network Application Unauthenticated JNDI Injection RCE (via Log4Shell)@*@*@* | |
| CMS@Idera Up.Time Monitoring Station 7.0 post2file.php Arbitrary File Upload@*@*@* | |
| CMS@Idera Up.Time Monitoring Station 7.4 post2file.php Arbitrary File Upload@*@*@* | |
| CMS@v0pCr3w Web Shell Remote Code Execution@*@*@* | |
| CMS@vBSEO proc_deutf() Remote PHP Code Injection@*@*@* | |
| CMS@vBulletin /ajax/api/content_infraction/getIndexableContent nodeid Parameter SQL Injection@*@*@* | |
| CMS@vBulletin 5.1.2 Unserialize Code Execution@*@*@* | |
| CMS@vBulletin 5.x /ajax/render/widget_tabbedcontainer_tab_panel PHP remote code execution.@*@*@* | |
| CMS@vBulletin widgetConfig RCE@*@*@* | |
| CMS@Visual Mining NetCharts Server Remote Code Execution@*@*@* | |
| CMS@VMware vCenter Server Unauthenticated JNDI Injection RCE (via Log4Shell)@*@*@* | |
| CMS@VMware vCenter Server Unauthenticated OVA File Upload RCE@*@*@* | |
| CMS@Vtiger Install Unauthenticated Remote Command Execution@*@*@* | |
| CMS@Vtiger CRM - Authenticated Logo Upload RCE@*@*@* | |
| CMS@vTigerCRM v5.4.0/v5.3.0 Authenticated Remote Code Execution@*@*@* | |
| CMS@vTiger CRM SOAP AddEmailAttachment Arbitrary File Upload@*@*@* | |
| CMS@Oracle WebLogic Server Administration Console Handle RCE@*@*@* | |
| CMS@WebNMS Framework Server Arbitrary File Upload@*@*@* | |
| CMS@WebPageTest Arbitrary PHP File Upload@*@*@* | |
| CMS@Werkzeug Debug Shell Command Execution@*@*@* | |
| CMS@WikkaWiki 1.3.2 Spam Logging PHP Injection@*@*@* | |
| CMS@WordPress AIT CSV Import Export Unauthenticated Remote Code Execution@*@*@* | |
| CMS@Wordpress Plugin Catch Themes Demo Import RCE@*@*@* | |
| CMS@WordPress Crop-image Shell Upload@*@*@* | |
| CMS@WP Database Backup RCE@*@*@* | |
| CMS@Wordpress Drag and Drop Multi File Uploader RCE@*@*@* | |
| CMS@WordPress File Manager Unauthenticated Remote Code Execution@*@*@* | |
| CMS@WordPress Ninja Forms Unauthenticated File Upload@*@*@* | |
| CMS@Wordpress Plugin Backup Guard - Authenticated Remote Code Execution@*@*@* | |
| CMS@Wordpress Plugin Elementor Authenticated Upload Remote Code Execution@*@*@* | |
| CMS@Wordpress File Manager Advanced Shortcode 2.3.2 - Unauthenticated Remote Code Execution through shortcode@*@*@* | |
| CMS@Wordpress Plugin Modern Events Calendar - Authenticated Remote Code Execution@*@*@* | |
| CMS@Wordpress Plugin SP Project and Document - Authenticated Remote Code Execution@*@*@* | |
| CMS@Wordpress Popular Posts Authenticated RCE@*@*@* | |
| CMS@WordPress Responsive Thumbnail Slider Arbitrary File Upload@*@*@* | |
| CMS@WordPress Simple File List Unauthenticated Remote Code Execution@*@*@* | |
| CMS@WSO2 Arbitrary File Upload to RCE@*@*@* | |
| CMS@X7 Chat 2.0.5 lib/message.php preg_replace() PHP Code Execution@*@*@* | |
| CMS@Zabbix Authenticated Remote Command Execution@*@*@* | |
| CMS@Zemra Botnet CnC Web Panel Remote Code Execution@*@*@* | |
| CMS@Novell ZENworks Configuration Management Arbitrary File Upload@*@*@* | |
| CMS@Novell ZENworks Configuration Management Remote Execution@*@*@* | |
| CMS@Zpanel Remote Unauthenticated RCE@*@*@* | |
| CMS@Cacti color filter authenticated SQLi to RCE@*@*@* | |
| CMS@ContentKeeper Web Remote Command Execution@*@*@* | |
| CMS@CTEK SkyRouter 4200 and 4300 Command Execution@*@*@* | |
| CMS@Dell KACE K1000 File Upload@*@*@* | |
| CMS@Cambium ePMP1000 'get_chart' Shell via Command Injection (v3.1-3.5-RC7)@*@*@* | |
| CMS@Cambium ePMP1000 'ping' Shell via Command Injection (up to v2.5)@*@*@* | |
| CMS@FreePBX 2.10.0 / 2.9.0 callmenum Remote Code Execution@*@*@* | |
| CMS@PHP Laravel Framework token Unserialize Remote Command Execution@*@*@* | |
| CMS@LifeSize Room Command Injection@*@*@* | |
| CMS@Clickjacking Vulnerability In CSRF Error Page pfSense@*@*@* | |
| CMS@pfSense Restore RRD Data Command Injection@*@*@* | |
| CMS@pfSense Diag Routes Web Shell Upload@*@*@* | |
| CMS@pfSense authenticated graph status RCE@*@*@* | |
| CMS@pfSense authenticated group member RCE@*@*@* | |
| CMS@pfSense plugin pfBlockerNG unauthenticated RCE as root@*@*@* | |
| CMS@Pi-Hole heisenbergCompensator Blocklist OS Command Execution@*@*@* | |
| CMS@Pi-Hole DHCP MAC OS Command Execution@*@*@* | |
| CMS@Pi-Hole Whitelist OS Command Execution@*@*@* | |
| CMS@Quest KACE Systems Management Command Injection@*@*@* | |
| CMS@Schneider Electric Pelco Endura NET55XX Encoder@*@*@* | |
| CMS@Syncovery For Linux Web-GUI Authenticated Remote Command Execution@*@*@* | |
| CMS@tnftp \@*@*@*savefile\@*@*@* Arbitrary Command Execution@*@*@* | |
| CMS@TWiki Debugenableplugins Remote Code Execution@*@*@* | |
| CMS@VMTurbo Operations Manager vmtadmin.cgi Remote Command Execution@*@*@* | |
| CMS@xdebug Unauthenticated OS Command Execution@*@*@* | |
| CMS@Accellion FTA getStatus verify_oauth_token Command Execution@*@*@* | |
| CMS@Advantech Switch Bash Environment Variable Code Injection (Shellshock)@*@*@* | |
| CMS@Airties login-cgi Buffer Overflow@*@*@* | |
| CMS@Alcatel-Lucent OmniPCX Enterprise masterCGI Arbitrary Command Execution@*@*@* | |
| CMS@AlienVault OSSIM/USM Remote Code Execution@*@*@* | |
| CMS@AlienVault OSSIM SQL Injection and Remote Code Execution@*@*@* | |
| CMS@Apache Continuum Arbitrary Command Execution@*@*@* | |
| CMS@Apache CouchDB Arbitrary Command Execution@*@*@* | |
| CMS@Apache Druid 0.20.0 Remote Command Execution@*@*@* | |
| CMS@Apache OFBiz XML-RPC Java Deserialization@*@*@* | |
| CMS@Apache OFBiz SOAP Java Deserialization@*@*@* | |
| CMS@Apache Spark Unauthenticated Command Injection RCE@*@*@* | |
| CMS@Artica proxy 4.30.000000 Auth Bypass service-cmds-peform Command Injection@*@*@* | |
| CMS@Astium Remote Code Execution@*@*@* | |
| CMS@AsusWRT LAN Unauthenticated Remote Code Execution@*@*@* | |
| CMS@ATutor 2.2.1 Directory Traversal / Remote Code Execution@*@*@* | |
| CMS@Axis IP Camera Application Upload@*@*@* | |
| CMS@Axis Network Camera .srv-to-parhand RCE@*@*@* | |
| CMS@Belkin Play N750 login.cgi Buffer Overflow@*@*@* | |
| CMS@Bitbucket Git Command Injection@*@*@* | |
| CMS@Bludit Directory Traversal Image File Upload Vulnerability@*@*@* | |
| CMS@Cacti 1.2.22 unauthenticated command injection@*@*@* | |
| CMS@Cayin CMS NTP Server RCE@*@*@* | |
| CMS@Centreon Poller Authenticated Remote Command Execution@*@*@* | |
| CMS@Centreon SQL and Command Injection@*@*@* | |
| CMS@Centreon Web Useralias Command Execution@*@*@* | |
| CMS@Red Hat CloudForms Management Engine 5.1 agent/linuxpkgs Path Traversal@*@*@* | |
| CMS@Cisco ASA-X with FirePOWER Services Authenticated Command Injection@*@*@* | |
| CMS@Cisco Firepower Management Console 6.0 Post Authentication UserAdd Vulnerability@*@*@* | |
| CMS@Cisco HyperFlex HX Data Platform unauthenticated file upload to RCE (CVE-2021-1499)@*@*@* | |
| CMS@Cisco HyperFlex HX Data Platform Command Execution@*@*@* | |
| CMS@Cisco Prime Infrastructure Unauthenticated Remote Code Execution@*@*@* | |
| CMS@Cisco RV320 and RV325 Unauthenticated Remote Code Execution@*@*@* | |
| CMS@Cisco RV Series Authentication Bypass and Command Injection@*@*@* | |
| CMS@Cisco Small Business RV Series Authentication Bypass and Command Injection@*@*@* | |
| CMS@Cisco UCS Director Cloupia Script RCE@*@*@* | |
| CMS@Cisco UCS Director Unauthenticated Remote Code Execution@*@*@* | |
| CMS@CWP login.php Unauthenticated RCE@*@*@* | |
| CMS@Cisco Prime Infrastructure Health Monitor TarArchive Directory Traversal Vulnerability@*@*@* | |
| CMS@Crypttech CryptoLog Remote Code Execution@*@*@* | |
| CMS@Cisco RV110W/RV130(W)/RV215W Routers Management Interface Remote Command Execution@*@*@* | |
| CMS@DC/OS Marathon UI Docker Exploit@*@*@* | |
| CMS@DD-WRT HTTP Daemon Arbitrary Command Execution@*@*@* | |
| CMS@DenyAll Web Application Firewall Remote Code Execution@*@*@* | |
| CMS@D-Link authentication.cgi Buffer Overflow@*@*@* | |
| CMS@D-Link Devices Unauthenticated Remote Command Execution@*@*@* | |
| CMS@D-Link DCS-931L File Upload@*@*@* | |
| CMS@D-Link DCS-930L Authenticated Remote Command Execution@*@*@* | |
| CMS@D-Link DIR-645 / DIR-815 diagnostic.php Command Execution@*@*@* | |
| CMS@D-Link Devices Unauthenticated Remote Command Execution@*@*@* | |
| CMS@D-Link DIR-605L Captcha Handling Buffer Overflow@*@*@* | |
| CMS@D-Link DIR615h OS Command Injection@*@*@* | |
| CMS@DIR-850L (Un)authenticated OS Command Exec@*@*@* | |
| CMS@D-Link DSL-2750B OS Command Injection@*@*@* | |
| CMS@D-Link Cookie Command Execution@*@*@* | |
| CMS@D-Link info.cgi POST Request Buffer Overflow@*@*@* | |
| CMS@DLINK DWL-2600 Authenticated Remote Command Injection@*@*@* | |
| CMS@D-Link hedwig.cgi Buffer Overflow in Cookie Header@*@*@* | |
| CMS@D-Link HNAP Request Remote Buffer Overflow@*@*@* | |
| CMS@D-Link Devices HNAP SOAPAction-Header Command Execution@*@*@* | |
| CMS@Dlink DIR Routers Unauthenticated HNAP Login Stack Buffer Overflow@*@*@* | |
| CMS@D-Link Devices UPnP SOAP Command Execution@*@*@* | |
| CMS@dnaLIMS Admin Module Command Execution@*@*@* | |
| CMS@Docker Daemon - Unprotected TCP Socket Exploit@*@*@* | |
| CMS@Dolibarr ERP/CRM Post-Auth OS Command Injection@*@*@* | |
| CMS@OpenPLI Webif Arbitrary Command Execution@*@*@* | |
| CMS@Endian Firewall Proxy Password Change Command Injection@*@*@* | |
| CMS@elFinder Archive Command Injection@*@*@* | |
| CMS@PowerShellEmpire Arbitrary File Upload (Skywalker)@*@*@* | |
| CMS@E-Mail Security Virtual Appliance learn-msg.cgi Command Injection@*@*@* | |
| CMS@EyesOfNetwork 5.1-5.3 AutoDiscovery Target Command Execution@*@*@* | |
| CMS@F5 BIG-IP TMUI Directory Traversal and File Upload RCE@*@*@* | |
| CMS@F5 iControl iCall::Script Root Command Execution@*@*@* | |
| CMS@F5 iControl Remote Root Command Execution@*@*@* | |
| CMS@F5 BIG-IP iControl RCE via REST Authentication Bypass@*@*@* | |
| CMS@F5 iControl REST Unauthenticated SSRF Token Generation RCE@*@*@* | |
| CMS@F5 BIG-IP iControl Authenticated RCE via RPM Creator@*@*@* | |
| CMS@F5 BIG-IP iControl CSRF File Write SOAP API@*@*@* | |
| CMS@FLIR AX8 unauthenticated RCE@*@*@* | |
| CMS@Foreman (Red Hat OpenStack/Satellite) bookmarks/create Code Injection@*@*@* | |
| CMS@Fortinet FortiNAC keyUpload.jsp arbitrary file write@*@*@* | |
| CMS@Fortinet FortiOS, FortiProxy, and FortiSwitchManager authentication bypass.@*@*@* | |
| CMS@Fritz!Box Webcm Unauthenticated Command Injection@*@*@* | |
| CMS@Froxlor Log Path RCE@*@*@* | |
| CMS@Geutebruck Multiple Remote Command Execution@*@*@* | |
| CMS@Geutebruck instantrec Remote Command Execution@*@*@* | |
| CMS@Geutebruck testaction.cgi Remote Command Execution@*@*@* | |
| CMS@Github Enterprise Default Session Secret And Deserialization Vulnerability@*@*@* | |
| CMS@Gitlist Unauthenticated Remote Command Execution@*@*@* | |
| CMS@GLPI htmLawed php command injection@*@*@* | |
| CMS@GoAhead Web Server LD_PRELOAD Arbitrary Module Load@*@*@* | |
| CMS@GoAutoDial 3.3 Authentication Bypass / Command Injection@*@*@* | |
| CMS@Berlios GPSD Format String Vulnerability@*@*@* | |
| CMS@Grandstream GXV31XX 'settimezone' Unauthenticated Command Execution@*@*@* | |
| CMS@Grandstream UCM62xx IP PBX sendPasswordEmail RCE@*@*@* | |
| CMS@GravCMS Remote Command Execution@*@*@* | |
| CMS@GroundWork monarch_scan.cgi OS Command Injection@*@*@* | |
| CMS@Hadoop YARN ResourceManager Unauthenticated Command Execution@*@*@* | |
| CMS@Hikvision IP Camera Unauthenticated Command Injection@*@*@* | |
| CMS@HP System Management Anonymous Access Code Execution@*@*@* | |
| CMS@HP VAN SDN Controller Root Command Injection@*@*@* | |
| CMS@Huawei HG532n Command Injection@*@*@* | |
| CMS@IBM Data Risk Manager Unauthenticated Remote Code Execution@*@*@* | |
| CMS@IBM QRadar SIEM Unauthenticated Remote Code Execution@*@*@* | |
| CMS@Imperva SecureSphere PWS Command Injection@*@*@* | |
| CMS@IPFire Bash Environment Variable Injection (Shellshock)@*@*@* | |
| CMS@IPFire proxy.cgi RCE@*@*@* | |
| CMS@IPFire 2.25 Core Update 156 and Prior pakfire.cgi Authenticated RCE@*@*@* | |
| CMS@IPFire proxy.cgi RCE@*@*@* | |
| CMS@Ivanti Cloud Services Appliance (CSA) Command Injection@*@*@* | |
| CMS@Jenkins CLI Deserialization@*@*@* | |
| CMS@Kaltura Remote PHP Code Execution over Cookie@*@*@* | |
| CMS@Kaltura Remote PHP Code Execution@*@*@* | |
| CMS@Klog Server authenticate.php user Unauthenticated Command Injection@*@*@* | |
| CMS@Kloxo SQL Injection and Remote Code Execution@*@*@* | |
| CMS@LibreNMS addhost Command Injection@*@*@* | |
| CMS@LibreNMS Collectd Command Injection@*@*@* | |
| CMS@LifeSize UVC Authenticated RCE via Ping@*@*@* | |
| CMS@Linear eMerge E3-Series Access Controller Command Injection@*@*@* | |
| CMS@Linksys WRT54 Access Point apply.cgi Buffer Overflow@*@*@* | |
| CMS@Linksys E1500/E2500 apply.cgi Remote Command Injection@*@*@* | |
| CMS@Linksys E-Series TheMoon Remote Command Injection@*@*@* | |
| CMS@Linksys Devices pingstr Remote Command Injection@*@*@* | |
| CMS@Linksys WRT160nv2 apply.cgi Remote Command Injection@*@*@* | |
| CMS@Linksys WRT54GL apply.cgi Command Execution@*@*@* | |
| CMS@Linksys WVBR0-25 User-Agent Command Execution@*@*@* | |
| CMS@LinuxKI Toolset 6.01 Remote Command Execution@*@*@* | |
| CMS@Logsign Remote Command Injection@*@*@* | |
| CMS@Lucee Administrator imgProcess.cfm Arbitrary File Write@*@*@* | |
| CMS@Mailcleaner Remote Code Execution@*@*@* | |
| CMS@Micro Focus Operations Bridge Reporter Unauthenticated Command Injection@*@*@* | |
| CMS@MicroFocus Secure Messaging Gateway Remote Code Execution@*@*@* | |
| CMS@Mida Solutions eFramework ajaxreq.php Command Injection@*@*@* | |
| CMS@MobileIron Core Unauthenticated JNDI Injection RCE (via Log4Shell)@*@*@* | |
| CMS@MobileIron MDM Hessian-Based Java Deserialization RCE@*@*@* | |
| CMS@D-Link/TRENDnet NCC Service Command Injection@*@*@* | |
| CMS@Mutiny 5 Arbitrary File Upload@*@*@* | |
| CMS@MVPower DVR Shell Unauthenticated Command Execution@*@*@* | |
| CMS@Nagios XI Autodiscovery Webshell Upload@*@*@* | |
| CMS@Nagios XI Chained Remote Code Execution@*@*@* | |
| CMS@Nagios XI Chained Remote Code Execution@*@*@* | |
| CMS@Nagios XI 5.5.6 to 5.7.5 - ConfigWizards Authenticated Remote Code Exection@*@*@* | |
| CMS@Nagios XI Magpie_debug.php Root Remote Code Execution@*@*@* | |
| CMS@Nagios XI 5.6.0-5.7.3 - Mibs.php Authenticated Remote Code Exection@*@*@* | |
| CMS@Nagios XI Prior to 5.6.6 getprofile.sh Authenticated Remote Command Execution@*@*@* | |
| CMS@Nagios XI Prior to 5.8.0 - Plugins Filename Authenticated Remote Code Exection@*@*@* | |
| CMS@Nagios XI 5.5.0-5.7.3 - Snmptrap Authenticated Remote Code Exection@*@*@* | |
| CMS@Netgear DGN1000 Setup.cgi Unauthenticated RCE@*@*@* | |
| CMS@Netgear DGN1000B setup.cgi Remote Command Execution@*@*@* | |
| CMS@Netgear DGN2200B pppoe.cgi Remote Command Execution@*@*@* | |
| CMS@Netgear DGN2200 dnslookup.cgi Command Injection@*@*@* | |
| CMS@Netgear R7000 and R6400 cgi-bin Command Injection@*@*@* | |
| CMS@NETGEAR ReadyNAS Perl Code Evaluation@*@*@* | |
| CMS@Netgear Devices Unauthenticated Remote Command Execution@*@*@* | |
| CMS@NETGEAR WNR2000v5 (Un)authenticated hidden_lang_avi Stack Buffer Overflow@*@*@* | |
| CMS@Netsweeper WebAdmin unixlogin.php Python Code Injection@*@*@* | |
| CMS@Nexus Repository Manager Java EL Injection RCE@*@*@* | |
| CMS@Nginx HTTP Server 1.3.9-1.4.0 Chunked Encoding Stack Buffer Overflow@*@*@* | |
| CMS@NUUO NVRmini 2 / Crystal / NETGEAR ReadyNAS Surveillance Authenticated Remote Code Execution@*@*@* | |
| CMS@NUUO NVRmini 2 / NETGEAR ReadyNAS Surveillance Unauthenticated Remote Code Execution@*@*@* | |
| CMS@op5 v7.1.9 Configuration Command Execution@*@*@* | |
| CMS@Openfiler v2.x NetworkCard Command Execution@*@*@* | |
| CMS@OpenTSDB 2.4.0 unauthenticated command injection@*@*@* | |
| CMS@Optergy Proton and Enterprise BMS Command Injection using a backdoor@*@*@* | |
| CMS@Oracle E-Business Suite (EBS) Unauthenticated Arbitrary File Upload@*@*@* | |
| CMS@Pandora FMS Events Remote Command Execution@*@*@* | |
| CMS@Pandora FMS Remote Code Execution@*@*@* | |
| CMS@Pandora FMS Default Credential / SQLi Remote Code Execution@*@*@* | |
| CMS@Pandora FMS Ping Authenticated Remote Code Execution@*@*@* | |
| CMS@Palo Alto Networks Authenticated Remote Code Execution@*@*@* | |
| CMS@Palo Alto Networks readSessionVarsFromFile() Session Corruption@*@*@* | |
| CMS@PeerCast URL Handling Buffer Overflow@*@*@* | |
| CMS@php imap_open Remote Code Execution@*@*@* | |
| CMS@PineApp Mail-SeCure ldapsyncnow.php Arbitrary Command Execution@*@*@* | |
| CMS@PineApp Mail-SeCure livelog.html Arbitrary Command Execution@*@*@* | |
| CMS@PineApp Mail-SeCure test_li_connection.php Arbitrary Command Execution@*@*@* | |
| CMS@Hak5 WiFi Pineapple Preconfiguration Command Injection@*@*@* | |
| CMS@Hak5 WiFi Pineapple Preconfiguration Command Injection@*@*@* | |
| CMS@RedHat Piranha Virtual Server Package passwd.php3 Arbitrary Command Execution@*@*@* | |
| CMS@Pulse Secure VPN Arbitrary Command Execution@*@*@* | |
| CMS@Pulse Secure VPN gzip RCE@*@*@* | |
| CMS@pyLoad js2py Python Execution@*@*@* | |
| CMS@QNAP Q'Center change_passwd Command Execution@*@*@* | |
| CMS@Raidsonic NAS Devices Unauthenticated Remote Command Execution@*@*@* | |
| CMS@Railo Remote File Include@*@*@* | |
| CMS@Rancher Server - Docker Exploit@*@*@* | |
| CMS@Rconfig 3.x Chained Remote Code Execution@*@*@* | |
| CMS@rConfig Vendors Auth File Upload RCE@*@*@* | |
| CMS@Realtek SDK Miniigd UPnP SOAP Command Execution@*@*@* | |
| CMS@Riverbed SteelCentral NetProfiler/NetExpress Remote Code Execution@*@*@* | |
| CMS@Roxy-WI Prior to 6.1.1.0 Unauthenticated Command Injection RCE@*@*@* | |
| CMS@SaltStack Salt REST API Arbitrary Command Execution@*@*@* | |
| CMS@SaltStack Salt API Unauthenticated RCE through wheel_async client@*@*@* | |
| CMS@Samsung SRN-1670D Web Viewer Version 1.0.0.193 Arbitrary File Read and Upload@*@*@* | |
| CMS@Seagate Business NAS Unauthenticated Remote Command Execution@*@*@* | |
| CMS@Supermicro Onboard IPMI close_window.cgi Buffer Overflow@*@*@* | |
| CMS@SonicWall SMA 100 Series Authenticated Command Injection@*@*@* | |
| CMS@Sophos UTM WebAdmin SID Command Injection@*@*@* | |
| CMS@Sophos Web Protection Appliance Interface Authenticated Arbitrary Command Execution@*@*@* | |
| CMS@Sophos Web Protection Appliance sblistpack Arbitrary Command Execution@*@*@* | |
| CMS@Sourcegraph gitserver sshCommand RCE@*@*@* | |
| CMS@Apache Spark Unauthenticated Command Execution@*@*@* | |
| CMS@Spring Cloud Gateway Remote Code Execution@*@*@* | |
| CMS@SuiteCRM Log File Remote Code Execution@*@*@* | |
| CMS@Supervisor XML-RPC Authenticated Remote Code Execution@*@*@* | |
| CMS@Symantec Messaging Gateway Remote Code Execution@*@*@* | |
| CMS@Symantec Web Gateway 5.0.2.8 ipchange.php Command Injection@*@*@* | |
| CMS@Symantec Web Gateway 5.0.2.8 Arbitrary PHP File Upload Vulnerability@*@*@* | |
| CMS@Symantec Web Gateway 5.0.2.8 relfile File Inclusion Vulnerability@*@*@* | |
| CMS@Symantec Web Gateway 5.0.2.18 pbcontrol.php Command Injection@*@*@* | |
| CMS@Symantec Web Gateway 5 restore.php Post Authentication Command Injection@*@*@* | |
| CMS@Symmetricom SyncServer Unauthenticated Remote Command Execution@*@*@* | |
| CMS@Synology DiskStation Manager SLICEUPLOAD Remote Command Execution@*@*@* | |
| CMS@Synology DiskStation Manager smart.cgi Remote Command Execution@*@*@* | |
| CMS@TerraMaster TOS 4.2.06 or lower - Unauthenticated Remote Code Execution@*@*@* | |
| CMS@TerraMaster TOS 4.2.15 or lower - RCE chain from unauthenticated to root via session crafting.@*@*@* | |
| CMS@TerraMaster TOS 4.2.29 or lower - Unauthenticated RCE chaining CVE-2022-24990 and CVE-2022-24989@*@*@* | |
| CMS@Tiki-Wiki CMS Calendar Command Execution@*@*@* | |
| CMS@TP-Link Cloud Cameras NCXXX Bonjour Command Injection@*@*@* | |
| CMS@TP-Link SC2020n Authenticated Telnet Injection@*@*@* | |
| CMS@Zyxel/Eir D1000 DSL Modem NewNTPServer Command Injection Over TR-064@*@*@* | |
| CMS@Trend Micro InterScan Messaging Security (Virtual Appliance) Remote Code Execution@*@*@* | |
| CMS@Trend Micro InterScan Messaging Security (Virtual Appliance) Remote Code Execution@*@*@* | |
| CMS@Trend Micro Smart Protection Server Exec Remote Code Injection@*@*@* | |
| CMS@Trend Micro Web Security (Virtual Appliance) Remote Code Execution@*@*@* | |
| CMS@TrueOnline / Billion 5200W-T Router Unauthenticated Command Injection@*@*@* | |
| CMS@TrueOnline / ZyXEL P660HN-T v1 Router Unauthenticated Command Injection@*@*@* | |
| CMS@TrueOnline / ZyXEL P660HN-T v2 Router Authenticated Command Injection@*@*@* | |
| CMS@Ubiquiti airOS Arbitrary File Upload@*@*@* | |
| CMS@Unitrends UEB http api remote code execution@*@*@* | |
| CMS@Unraid 6.8.0 Auth Bypass PHP Code Execution@*@*@* | |
| CMS@Arris VAP2500 tools_command.php Command Execution@*@*@* | |
| CMS@V-CMS PHP File Upload and Execute@*@*@* | |
| CMS@Vesta Control Panel Authenticated Remote Code Execution@*@*@* | |
| CMS@VMware NSX Manager XStream unauthenticated RCE@*@*@* | |
| CMS@VMware vCenter Server Analytics (CEIP) Service File Upload@*@*@* | |
| CMS@VMware vCenter Server Virtual SAN Health Check Plugin RCE@*@*@* | |
| CMS@VMware View Planner Unauthenticated Log File Upload RCE@*@*@* | |
| CMS@VMWare Aria Operations for Networks (vRealize Network Insight) pre-authenticated RCE@*@*@* | |
| CMS@VMware vRealize Operations (vROps) Manager SSRF RCE@*@*@* | |
| CMS@VMware Workspace ONE Access CVE-2022-22954@*@*@* | |
| CMS@VMware Workspace ONE Access VMSA-2022-0011 exploit chain@*@*@* | |
| CMS@WAN Emulator v2.3 Command Execution@*@2.3@* | |
| CMS@Western Digital MyCloud multi_uploadify File Upload Vulnerability@*@*@* | |
| CMS@Western Digital MyCloud unauthenticated command injection@*@*@* | |
| CMS@WebCalendar 1.2.4 Pre-Auth Remote Code Injection@*@1.2.4@* | |
| CMS@WeBid converter.php Remote PHP Code Injection@*@*@* | |
| CMS@Webmin password_change.cgi Backdoor@*@*@* | |
| CMS@Webmin File Manager RCE@*@*@* | |
| CMS@Webmin Package Updates RCE@*@*@* | |
| CMS@Webmin Package Updates Remote Command Execution@*@*@* | |
| CMS@Barco WePresent file_transfer.cgi Command Injection@*@*@* | |
| CMS@WePresent WiPG-1000 Command Injection@*@*@* | |
| CMS@Xplico Remote Code Execution@*@*@* | |
| CMS@Zabbix 2.0.8 SQL Injection and Remote Code Execution@*@*@* | |
| CMS@ZEN Load Balancer Filelog Command Execution@*@*@* | |
| CMS@Zenoss 3 showDaemonXMLConfig Command Execution@*@*@* | |
| CMS@TAR Path Traversal in Zimbra (CVE-2022-41352)@*@*@* | |
| CMS@Zip Path Traversal in Zimbra (mboximport) (CVE-2022-27925)@*@*@* | |
| CMS@UnRAR Path Traversal in Zimbra (CVE-2022-30333)@*@*@* | |
| CMS@Zimbra Collaboration Autodiscover Servlet XXE and ProxyServlet SSRF@*@*@* | |
| CMS@Zyxel chained RCE using LFI and weak password derivation algorithm@*@*@* | |
| CMS@Zyxel Firewall ZTP Unauthenticated Command Injection@*@*@* |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment