This module uses an OS Command Injection vulnerability to gain arbitrary code execution on the affected system.

RESTful Web Services Module does not properly sanitize data from non-form sources. A vulnerability in this approach allows an unauthenticated attacker to send specially crafted requests resulting in arbitrary PHP execution.

The 'recentVersion' parameter from the snserv endpoint is vulnerable to OS Command Injection when check and execute update operations are performed. This module exploits this vulneravility to install an agent

Tp-link EAP Controller does not handle privilege management correctly so a non privileged user can execute privileged actions. This module will try to change the device's settings and enable ssh in order to take control of the managed Access Points.

CMS Made Simple is vulnerable to an authenticated php remote file inclusion, allowing attackers to execute arbitrary php code in the system.

This module uses a OS Command Injection vulnerability present in Cisco UCS Manager ping function to gain arbitrary code execution on the affected system.

This module uses a Privilege escalation vulnerability in QNAP Qcenter Virtual Appliance and an OS Command Injection vulnerability to gain arbitrary code execution on the affected system.

This module uses an Authentication Bypass vulnerability in Apache CouchDB and an OS Command Injection vulnerability to gain arbitrary code execution on the affected system.

PhpCollab is vulnerable to an unauthenticated php remote file inclusion, allowing attackers to execute arbitrary php code in the system.

This module uses an Authentication Bypass vulnerability in Dell EMC Data Protection Advisor and an OS Command Injection vulnerability to gain arbitrary code execution on the affected system.