CVE-2024-7513 IMPACT
A code execution vulnerability exists in the affected product. The vulnerability occurs due to improper default file permissions allowing any user to edit or replace files, which
A security vulnerability has been detected in Sunwood-ai-labs command-executor-mcp-server up to 0.1.0. This impacts the function execute_command of the file src/index.ts of the component MCP Interface
A command injection vulnerability in WebAdmin of Sophos Firewall versions older than 21.0 MR2 (21.0.2) can lead to adjacent attackers achieving pre-auth code execution on High Availability (HA) auxili
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, remote attacker with Administrator-level privileges to exe
A vulnerability in the CLI and web-based management interface of Cisco UCS Manager Software could allow an authenticated, remote attacker with valid administrative privileges to execute arbitrary comm
An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated user to achieve root-level remote code execution
Flowise before 3.1.2 contains multiple OS command injection vulnerabilities in the Custom MCP Server feature due to incomplete command-flag validation and a regex bypass in local file access restricti
A vulnerability, which was classified as problematic, was found in mirweiye Seven Bears Library CMS 2023. This affects an unknown part of the component Background Management Page. The manipulation lea
A vulnerability in Intrexx Portal Server 12.0.2 and earlier which was classified as problematic potentially allows users with particular permissions under certain conditions to see potentially sensiti
Improper Neutralization of Special Elements used in an OS Command vulnerability allows OS Command Injection via WebServerModuleDebug. This issue affects Pandora FMS: from 777 through 800
A potential command
injection vulnerability has been identified in the Poly Clariti Manager for
versions prior to 10.12.2. The vulnerability could allow a privileged user
to submit arbitrary input. HP
A potential security vulnerability has been identified in the HP Client Management Script Library software, which might allow escalation of privilege during the installation process. HP is releasing s
A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform could allow an unauthenticated, remote attacker to conduct a cross-site scripting attack against
A vulnerability was detected in D-Link DWR-M920 1.1.50/1.1.70. Affected is the function sub_41C8E8 of the file /boafrm/formSmsManage. Performing a manipulation of the argument action_value results in
A vulnerability was identified in Mechrevo Control Center GX V2 5.56.51.48. This affects an unknown part of the file C:\Program Files\OEM\机械革命控制中心\AiStoneService\MyControlCenter\Command of the compone
Authenticated command injection vulnerability in the command line interface of a network management service. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary
An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and execu
Netwin SurgeFTP version 23c8 and prior contains a vulnerability in its web-based administrative console that allows authenticated users to execute arbitrary system commands via crafted POST requests t
A privilege escalation vulnerability was discovered in an upload processing functionality of XCC that could allow an authenticated XCC user with elevated privileges to perform command injection via sp
A command injection vulnerability exists in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation could allow an authenticated remote attacker to place arbi