An issue in Weaver E-cology v. attackers construct special requests to insert remote malicious code and to trigger malicious code execution, and control server privileges
A vulnerability was found in Weaver E-cology allows attackers use race conditions to bypass security mechanisms to upload malicious files and control server privileges
Weaver (Fanwei) E-cology 10.0 versions prior to 20260312 contain an unauthenticated remote code execution vulnerability in the /papi/esearch/data/devops/dubboApi/debug/method endpoint that allows atta
A vulnerability was found in Weaver e-cology 8. It has been classified as problematic. Affected is an unknown function of the file /cloudstore/ecode/setup/ecology_dev.zip of the component Source Code
Remote code execution that allows unauthorized users to execute arbitrary code on the server machine.
A remote code execution (RCE) vulnerability in the /devserver/start endpoint of leonvanzyl autocoder commit 79d02a allows attackers to execute arbitrary code via providing a crafted command parameter.
A remote code execution (RCE) vulnerability in the upload_file function of LRQA Nettitude PoshC2 after commit 123db87 allows authenticated attackers to execute arbitrary code via a crafted POST reques
A Remote Code Execution (RCE) vulnerability was identified in GitHub Enterprise Server that allowed attackers to execute arbitrary code by exploiting the pre-receive hook functionality, potentially le
Cross Site Scripting vulnerability in DokuWiki 2025-05-14a 'Librarian'[56.1] allows a remote attacker to execute arbitrary code via the q parameter
A remote code execution vulnerability exists in the Rockwell Automation ThinManager® ThinServer™
that allows a threat actor to execute arbitrary code with System privileges. To exploit this vulnerabil
A CRLF injection vulnerability in Neto CMS v6.313.0 through v6.314.0 allows attackers to execute arbitrary code via supplying a crafted HTTP request.
Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation could allow an authenticated remote attacker to upload arbi
Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation could allow an authenticated remote attacker to upload arbi
Unified Remote 3.9.0.2463 contains a remote code execution vulnerability that allows attackers to send crafted network packets to execute arbitrary commands. Attackers can exploit the service by conne
A code injection vulnerability can allow a low-privileged user to overwrite files on that VSPC server, which can lead to remote code execution on VSPC server.
A vulnerability in the file creation process on the command line interface of AOS-8 Instant and AOS-10 AP could allow an authenticated remote attacker to perform remote code execution (RCE). Successfu
A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user
An improper neutralization of input vulnerability was identified in GitHub Enterprise Server that allows DOM-based cross-site scripting via Issues search label filter that could lead to privilege esca
An unauthenticated remote attacker can trick an admin to visit a website containing malicious java script code. The current overly permissive CORS policy allows the attacker to obtain any files from t
An improper access control vulnerability allows low-privileged users to execute code with Administrator privileges remotely.
Page 1+ Next →