Drupal is prone to an OS command injection vulnerability that allows attackers to take advantage of an improper validation of user-supplied data in the Form API Ajax Requests.
A input validation vulnerability in HPE Operations Orchestration product all versions prior to 10.80, allows for the execution of code remotely.
Symantec Messaging Gateway is prone to an Authentication Bypass vulnerability that allows attackers to take advantage of an improper validation of user-supplied data in the RestoreAction.performRestore method.
An attacker can leverage this vulnerability to execute arbitrary code in the context of root.
An attacker can leverage this vulnerability to execute arbitrary code in the context of root.
HPE Intelligent Management Center is prone to a remote vulnerability that allows attackers to take advantage of an improper validation of user-supplied data, which can result in deserialization of untrusted data in WebDMDebugServlet.
An attacker can leverage this vulnerability to execute arbitrary code in the context of SYSTEM.
An attacker can leverage this vulnerability to execute arbitrary code in the context of SYSTEM.
This module exploits a post authentication vulnerability in pfSense by abusing the system_groupmanager.php page which allows users to get Code Execution.
TrendMicro is prone to an abuse in the talker.php function to get authentication bypass, combined with the mod TMCSS user-supplied unvalidated input before using it to execute a system calls leads us to execute arbitrary code.
This module exploits a command injection vulnerability in REDDOXX Appliance to install an agent.
This module exploits a Java deserialization bug in Apache Struts REST XStreamHandler which allows users to get Code Execution.
This module exploits a privilege escalation vulnerability in OrientDB by abusing SQL queries on OUser/ORole without the privileges which allows users to get Code Execution.
This module exploits a PHPMailer vulnerability in WordPress abusing a Lost Password recovery action and installs an agent.