Vulnerability Name CVE Severity
.NET JSON.NET Deserialization RCE
AccessAlly PHP Code Execution (3.3.1)
Ad Inserter-Ad Manager & AdSense Ads Remote Code Execution (2.4.21) CVE-2019-15324
Advanced Access Manager Arbitrary Code Execution (2.8.2) CVE-2014-6059
AjaxControlToolkit directory traversal CVE-2015-4670
AjaxPro.NET Professional Deserialization RCE (CVE-2021-23758)
Ajax Search Lite Remote Command Execution (3.1)
All-in-One WP Migration Remote Code Execution (2.0.2) CVE-2014-8794
All in One SEO-Best WordPress SEO-Easily Improve SEO Rankings & Increase Traffic Remote Code Execution ( CVE-2021-24307
Analytics Remote Code Execution (1.7)
Apache 2.2.14 mod_isapi Dangling Pointer CVE-2010-0425
Apache 2.x version older than 2.2.3 CVE-2006-3747
Apache HTTP Server Insecure Path Normalization (CVE-2021-41773, CVE-2021-42013) CVE-2021-42013
Apache Log4j2 JNDI Remote Code Execution CVE-2021-44228
Apache Log4j2 JNDI Remote Code Execution (404 page handler) CVE-2021-44228
Apache Log4j2 JNDI Remote Code Execution (delayed) CVE-2021-44228
Apache Log4j2 JNDI Remote Code Execution (per folder) CVE-2021-44228
Apache Log4j socket receiver deserialization vulnerability CVE-2017-5645
Apache mod_rewrite off-by-one buffer overflow vulnerability CVE-2006-3747
Apache OFBiz Log4Shell RCE CVE-2021-44228
Apache OFBiz SOAPService Deserialization RCE CVE-2021-26295
Apache OFBiz XMLRPC Deserialization RCE (CVE-2020-9496) CVE-2020-9496
Apache Shiro Deserialization RCE CVE-2016-4437
Apache Solr Deserialization of untrusted data via jmx.serviceUrl CVE-2019-0192
Apache Solr Log4Shell RCE CVE-2021-44228
Apache Solr SSRF CVE-2017-3164
Apache Struts 2 ClassLoader manipulation and denial of service CVE-2014-0112 CVE-2014-0113 CVE-2014-0114
Apache Struts 2 ClassLoader manipulation and denial of service (S2-020) CVE-2014-0094 CVE-2014-0050
Apache Struts2 remote code execution vulnerability CVE-2016-0785
Apache Struts2 Remote Command Execution (S2-048) CVE-2017-9791
Apache Struts2 Remote Command Execution (S2-052) CVE-2017-9805
Apache Struts2 Remote Command Execution (S2-053) CVE-2017-12611
Apache Struts Remote Code Execution (S2-057) CVE-2018-11776
Apache Tapestry Unauthenticated RCE (CVE-2019-0195, CVE-2021-27850) CVE-2021-27850
Apache Tomcat Remote Code Execution Vulnerability CVE-2017-12615
Apache Unomi MVEL RCE (CVE-2020-13942) CVE-2020-13942
Arbitrary EL Evaluation in RichFaces
Argument Injection
Arigato Autoresponder and Newsletter Remote Code Execution ( CVE-2018-18461
Atlassian Crowd Remote Code Execution CVE-2019-11580
Authentication bypass via MongoDB operator injection
BackWPup Remote and Local Code Execution (1.6.1) CVE-2011-4342 CVE-2011-5208
Bash code injection vulnerability CVE-2014-6271
Best Seo Remote Code Execution (1.5)
BigIP iRule Tcl code injection
BJ Lazy Load Remote Code Execution (0.7.5)
Bonita Authorization Bypass (CVE-2022-25237) CVE-2022-25237
Broadcast Live Video-Live Streaming:HTML5, WebRTC, HLS, RTSP, RTMP Remote Code Execution (5.5.15) CVE-2023-25699
CakePHP 1.3.5 / 1.2.8 unserialize() vulnerability CVE-2010-4335
Catch Themes Demo Import Remote Code Execution (2.1) CVE-2022-0440
Check for apache versions up to 1.3.25, 2.0.38 CVE-2002-0392
Citrix ADC/Gateway Unauthenticated Remote Code Execution CVE-2019-19781
CiviCRM Remote Code Execution (5.24.2) CVE-2020-36388
Cmd hijack vulnerability
CM Download Manager Code Injection (2.0.3) CVE-2014-8877
Code Evaluation (Apache Struts) S2-016 CVE-2013-2251
Code Evaluation (Apache Struts) S2-045 CVE-2017-5638
Code Evaluation (Apache Struts) S2-046 CVE-2017-5638
Code Evaluation (ASP)
Code Evaluation (PHP)
Code Evaluation (Python)
Code Evaluation (Ruby)
CodeIgniter weak encryption key
ColdFusion 8 FCKEditor file upload vulnerability CVE-2009-2265
ColdFusion Access Control bypass with WDDX Deserialization RCE (CVE-2023-29298/CVE-2023-29300) CVE-2023-29298 CVE-2023-29300
ColdFusion AMF Deserialization RCE CVE-2017-3066
ColdFusion CFC Deserialization RCE (CVE-2023-26359/CVE-2023-26360) CVE-2023-26359
ColdFusion FlashGateway Deserialization RCE CVE-2019-7091 CVE-2019-7091
ColdFusion JNDI injection RCE CVE-2018-15957
Coming Soon Possible Remote Code Execution (1.1.3) CVE-2016-10033 CVE-2016-10045
Command Injection
Cool Video Gallery Command Injection (1.9) CVE-2015-7527
Custom Content Type Manager Remote Code Execution ( CVE-2015-3173
Database User Has Admin Privileges
Data Binding Expression Vulnerability in Spring Web Flow CVE-2017-4971
Divi Builder PHP Code Injection (4.0.9)
DotCMS unrestricted file upload (CVE-2022-26352) CVE-2022-26352
Drupal 7 arbitrary PHP code execution and information disclosure CVE-2012-4553 CVE-2012-4554
Drupal Core 4.6.x Arbitrary Code Execution (4.6.0 - 4.6.6) CVE-2006-2743
Drupal Core 4.6.x Arbitrary Code Execution (4.6.0 - 4.6.7) CVE-2006-2831
Drupal Core 4.7.x Arbitrary Code Execution (4.7.0 - 4.7.5) CVE-2007-0626
Drupal Core 4.7.x Arbitrary Code Execution (4.7.0) CVE-2006-2743
Drupal Core 5.x Arbitrary Code Execution (5.0 - 5.2) CVE-2007-5593
Drupal Core 5.x Arbitrary Code Execution (5.0) CVE-2007-0626
Drupal Core 6.x Remote Code Execution (6.0 - 6.38) CVE-2018-7600
Drupal Core 7.x Remote Code Execution (7.0 - 7.57) CVE-2018-7600
Drupal Core 7.x Remote Code Execution (7.0 - 7.58) CVE-2018-7602
Drupal Core 7.x Remote Code Execution (7.0 - 7.73) CVE-2020-13671
Drupal Core 7.x Remote Code Execution (7.0 - 7.74) CVE-2020-28948 CVE-2020-28949
Drupal Core 8.4.x Remote Code Execution (8.4.0 - 8.4.5) CVE-2018-7600
Drupal Core 8.4.x Remote Code Execution (8.4.0 - 8.4.7) CVE-2018-7602
Drupal Core 8.5.0 Remote Code Execution (8.5.0) CVE-2018-7600
Drupal Core 8.5.x Remote Code Execution (8.5.0 - 8.5.2) CVE-2018-7602
Drupal Core 8.5.x Remote Code Execution (8.5.0 - 8.5.10) CVE-2019-6340
Drupal Core 8.6.x Remote Code Execution (8.6.0 - 8.6.9) CVE-2019-6340
Drupal Core 8.8.x Remote Code Execution (8.8.0 - 8.8.7) CVE-2020-13664
Drupal Core 8.8.x Remote Code Execution (8.8.0 - 8.8.10) CVE-2020-13671
Drupal Core 8.8.x Remote Code Execution (8.8.0 - 8.8.11) CVE-2020-28948 CVE-2020-28949
Drupal Core 8.9.0 Remote Code Execution (8.9.0) CVE-2020-13664
Drupal Core 8.9.x Remote Code Execution (8.9.0 - 8.9.8) CVE-2020-13671
Drupal Core 8.9.x Remote Code Execution (8.9.0 - 8.9.9) CVE-2020-28948 CVE-2020-28949
Drupal Core 8.x.x Remote Code Execution (8.0.0 - 8.3.8) CVE-2018-7600
Drupal Core 8.x.x Remote Code Execution (8.0.0 - 8.4.8) CVE-2019-6340
Drupal Core 8.x.x Remote Code Execution (8.0.0 - 8.7.14) CVE-2020-13664
Drupal Core 9.0.0 Remote Code Execution (9.0.0) CVE-2020-13664
Drupal Core 9.0.x Remote Code Execution (9.0.0 - 9.0.7) CVE-2020-13671
Drupal Core 9.0.x Remote Code Execution (9.0.0 - 9.0.8) CVE-2020-28948 CVE-2020-28949
Drupal Core 9.3.x Remote Code Execution (9.3.0 - 9.3.18) CVE-2022-25277
Drupal Core 9.4.x Remote Code Execution (9.4.0 - 9.4.2) CVE-2022-25277
Drupal Core Remote Code Execution (8.0.0 - 9.2.21) CVE-2022-25277
Drupal Remote Code Execution (SA-CORE-2018-002) CVE-2018-7600
Drupal Remote Code Execution (SA-CORE-2018-004) CVE-2018-7602
Drupal REST Remote Code Execution CVE-2019-6340
Duplicator-WordPress Migration Remote Code Execution (1.2.40)
Dynamic Content for Elementor Remote Code Execution ( CVE-2020-26596
Easy Forms for Mailchimp PHP Code Injection (6.5.2) CVE-2019-15318
Ektron CMS multiple vulnerabilities
EktronCMS Saxon XSLT parser remote code execution CVE-2015-0931
Ektron CMS unauthenticated code execution and Local File Read CVE-2012-5357 CVE-2012-5358
Elasticsearch remote code execution CVE-2014-3120
elFinder RCE (CVE-2021-32682) CVE-2021-32682
eShop Code Injection (6.3.11) CVE-2015-3421
EWWW Image Optimizer Remote Code Execution (2.8.3)
EZPZ One Click Backup Remote Code Execution (12.03.10) CVE-2014-3114
F5 BIG-IP Traffic Management User Interface (TMUI) RCE CVE-2020-5902
F5 iControl REST unauthenticated remote command execution vulnerability CVE-2021-22986
FastCGI Unauthorized Access Vulnerability
Fast Secure Contact Form Remote Code Execution (4.0.44) CVE-2016-10033 CVE-2016-10045
Feedify Remote Code Execution (2.0.0)
File Gallery Remote Code Execution (1.7.9) CVE-2014-2558
File Manager Remote Code Execution (4.5)
Five Star Restaurant Menu-WordPress Ordering Remote Code Execution (2.2.0) CVE-2020-29045
Flamingo Code Injection (1.1)
Flask debug mode
Flex BlazeDS AMF Deserialization RCE CVE-2017-5641
ForgeRock AM / OpenAM Deserialization RCE (CVE-2021-35464) CVE-2021-35464
Formidable Forms-Contact Form, Survey, Quiz, Calculator & Custom Form Builder Remote Code Execution (2.05.01)
Form Manager Remote Command Execution (1.7.2) CVE-2015-7806
Fortinet Authentication bypass on administrative interface CVE-2022-40684
Fortinet FortiNAC RCE via arbitrary file upload CVE-2022-39952
Gallery 3.0.4 remote code execution
Gantry 4 Framework Remote Command Execution (4.1.3)
GhostScript RCE (Remote Code Execution) CVE-2016-3714
GitLab ExifTool RCE (CVE-2021-22205) CVE-2021-22205
Global Content Blocks PHP Code Execution and Information Disclosure Vulnerabilities (1.5.1)
GoAhead web server remote code execution CVE-2017-17562
Google Map Remote Code Execution (1.0)
Grafana avatar SSRF CVE-2020-13379
Grav CMS Unauthenticated RCE (CVE-2021-21425)
Groundhogg-Marketing Automation & CRM for WordPress Remote Code Execution (1.3.4) CVE-2019-15647
Gutenberg Block Editor Toolkit-EditorsKit Remote Code Execution (1.31.5) CVE-2021-24546
Hashicorp Consul API is accessible without authentication
HipChat for JIRA plugin - Velocity template injection CVE-2015-5603
Horde/IMP Plesk webmail exploit
Horde Imp Unauthenticated Remote Command Execution CVE-2018-19518
Horde remote code execution CVE-2014-1691
HTTP.sys remote code execution vulnerability CVE-2015-1635
IBM WebSphere RCE Java Deserialization Vulnerability CVE-2015-7450
ImageMagick remote code execution CVE-2016-3714
Include Me Remote Code Execution (1.2.1) CVE-2021-24453
Insert or Embed Articulate Content into WordPress Remote Code Execution (4.2997) CVE-2019-15649
Invision Power Board version 3.3.4 unserialize PHP code execution CVE-2012-5692
is_human() 'type' Parameter Remote Command Injection (1.4.2)
iThemes Exchange:Simple WP Ecommerce Remote Code Execution (1.14.0)
Java Debug Wire Protocol remote code execution
Jboss Application Server remote code execution CVE-2017-7504
JBoss InvokerTransformer Remote Code Execution CVE-2015-7501
JBoss Seam framework remote code execution CVE-2010-1871
Jekyll Exporter Remote Code Execution (2.2.0) CVE-2017-9841
Joomla! Core 3.9.x Remote Code Execution (3.9.7 - 3.9.8) CVE-2019-14654
Joomla! Core 3.x.x Remote Code Execution (3.7.0 - 3.8.7) CVE-2018-11321
Joomla! Core Remote Code Execution (1.5.0 - 3.4.5) CVE-2015-8562
Joomla! JCE arbitrary file upload
Joomla! JomSocial remote code execution
Joomla! remote code execution vulnerability CVE-2015-8562
Kanzu Support Desk-WordPress Helpdesk Remote Code Execution (2.4.6)
Liferay TunnelServlet Deserialization Remote Code Execution
Liferay version older than 7.0
Liferay version older than 7.1
Liferay XMLRPC Blind SSRF
Lightbox Jquery Possible Remote Code Execution (0.24)
Loco Translate PHP Code Injection (2.5.3) CVE-2021-24721
Lotus Notes formula injection
Magento remote code execution CVE-2015-1397 CVE-2015-1398 CVE-2015-1399
MailPress Remote Code Execution (7.0.2)
Maintenance Mode Under Construction Page Landing Page Possible Remote Code Execution (1.0.9) CVE-2016-10033 CVE-2016-10045
ManageEngine Desktop Central Deserialization RCE (CVE-2020-10189) CVE-2020-10189
Master Popups Remote Code Execution (1.0.0)
MediaWiki remote code execution CVE-2014-1610
Microsoft Exchange Server Pre-auth Path Confusion vulnerability (CVE-2021-34473) CVE-2021-34473
Microsoft Exchange Server Server-Side Request Forgery (SSRF) vulnerability CVE-2021-26855
Microsoft IIS 6.0 WebDAV Buffer Overflow CVE-2017-7269
Missing Authentication Check in SAP Solution Manager CVE-2020-6207
MobileIron Log4Shell RCE CVE-2021-44228
MobileIron Remote Code Execution via LogService CVE-2020-15505
MobiLoud-WordPress Mobile Apps-Convert your WordPress Website to Native Mobile Apps Remote Code Execution (4.0.1)
MoinMoin CVE-2012-6081 multiple arbitrary code execution vulnerabilities CVE-2012-6081
MongoDB $where operator JavaScript injection
MongoDB injection
MovableType remote code execution CVE-2015-1592
Moveable Type 4.x unauthenticated remote command execution CVE-2013-0209
Multiple critical vulnerabilities in Apache Struts2 CVE-2012-0393
Multiple vulnerabilities reported in Parallels Plesk Sitebuilder
Nagios XI Magpie_debug.php Unauthenticated RCE CVE-2018-15708
Nette framework PHP code injection via callback CVE-2020-15227
Newsletter Subscription Form Possible Remote Code Execution (1.1.2) CVE-2016-10033 CVE-2016-10045
NextGEN Gallery-WordPress Gallery Remote Code Execution (2.1.59)
Nginx PHP code execution via FastCGI
Nginx stack-based buffer overflow CVE-2013-2028
Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress PHP Code Injection (3.6.10)
node-serialize Insecure Deserialization CVE-2017-5941
Node.js Debugger Unauthorized Access Vulnerability
Node.js Inspector Unauthorized Access Vulnerability
open-flash-chart-core Remote Code Execution (0.4) CVE-2009-4140
OpenX 2.8.10 backdoor CVE-2013-4211
OpenX arbitrary file upload CVE-2009-4140
Oracle Access Manager 'opensso' Deserialization RCE (CVE-2021-35587) CVE-2021-35587
Oracle ADF Faces 'Miracle' RCE (CVE-2022-21445) CVE-2022-21445
Oracle Business Intelligence AMF Deserialization RCE CVE-2020-2950 CVE-2020-2950
Oracle E-Business Suite Unauthenticated Remote Code Execution CVE-2022-21587
Oracle Reports rwservlet vulnerabilities CVE-2012-3152 CVE-2012-3153
Oracle Sun GlassFish/Java System Application Server Remote Authentication Bypass Vulnerability CVE-2011-0807
Oracle Weblogic Async Component Deserialization RCE CVE-2019-2725 CVE-2019-2725
Oracle WebLogic Remote Code Execution (CVE-2020-14882) CVE-2020-14882
Oracle WebLogic Remote Code Execution via IIOP CVE-2020-2551
Oracle WebLogic Remote Code Execution via T3 CVE-2018-3245
Oracle Weblogic WLS-WSAT Component Deserialization RCE CVE-2017-3506 CVE-2017-10271
Perl code injection
Photo Gallery, Images, Slider in Rbs Image Gallery Remote Code Execution (2.0.14)
PHP-CGI remote code execution CVE-2012-1823 CVE-2012-2311
PHP4 IMAP module buffer overflow vulnerability
PHP4 multiple vulnerabilities CVE-2003-0860 CVE-2003-0861
PHP 4.3.0 file disclosure and possible code execution CVE-2003-0097
PHP 5.3.9 remote code execution CVE-2012-0830
PHP code injection (pmwiki)
PHP curl_exec() url is controlled by user CVE-2009-0037
PHP eval() used on user input
PHP Everywhere Multiple Remote Code Execution Vulnerabilities (2.0.3) CVE-2022-24663 CVE-2022-24664 CVE-2022-24665
PHP HTTP POST incorrect MIME header parsing vulnerability CVE-2002-0717
phpMoAdmin remote code execution
phpMyAdmin v3.5.2.2 backdoor CVE-2012-5159
PHP object deserialization of user-supplied data
PHP preg_replace used on user input
PHP Speedy 'admin_container.php' Remote PHP Code Execution (0.5.2)
phpThumb() fltr[] parameter command injection vulnerability CVE-2010-1598
PHPUnit Remote Code Execution CVE-2017-9841
PHP unserialize() used on user input
PHP version older than 4.3.8 CVE-2004-0594 CVE-2004-0595
PHP version older than 5.2.1 CVE-2007-1376 CVE-2007-1380 CVE-2007-1453 CVE-2007-1454
PHP version older than 5.2.3 CVE-2007-1900 CVE-2007-2756 CVE-2007-2872
PHP version older than 5.2.5 CVE-2007-4840 CVE-2007-4887 CVE-2007-5898 CVE-2007-5899 CVE-2007-5900
PHP version older than 5.2.6 CVE-2007-4850 CVE-2008-0599 CVE-2008-0674 CVE-2008-1384 CVE-2008-2050 CVE-2008-2051
Plainview Activity Monitor Remote Command Execution (20161228) CVE-2018-15877
Plone arbitrary code execution CVE-2011-3587
PrimeFaces 5.x Expression Language injection CVE-2017-1000486
Product Lister for Walmart Remote Code Execution (1.0.1) CVE-2017-9841
ProfileGrid-User Profiles, Memberships, Groups and Communities Remote Code Execution (2.8.5) CVE-2019-15873
PropertyHive Remote Code Execution (1.4.25)
Python Debugger Unauthorized Access Vulnerability
Python object deserialization of user-supplied data
Rails remote code execution using render :inline CVE-2016-2098
RCE in SQL Server Reporting Services (SSRS) CVE-2020-0618
RCE with Spring Data Commons CVE-2018-1273
Reflected Cross-Site Scripting (XSS) vulnerability in PAN-OS management web interface CVE-2020-2036
Remote Code Execution (RCE) in Spring Security OAuth CVE-2016-4977
Remote Code Execution (Spring4Shell) CVE-2022-22965
Remote code execution in bootstrap-sass CVE-2019-10842
Remote code execution of user-provided local names in Rails CVE-2020-8163
Remote code execution vulnerability in WordPress Duplicator
Ruby on Rails directory traversal vulnerability CVE-2014-0130
Ruby on Rails DoubleTap RCE (CVE-2019-5420)
Ruby on Rails weak/known secret token CVE-2013-0156
SAP Hybris Deserialization RCE
SAP NetWeaver ConfigServlet remote command execution
Secure File Manager Remote Code Execution (2.8.1) CVE-2020-35235
Security update: Hotfix available for ColdFusion CVE-2013-0625 CVE-2013-0629 CVE-2013-0631 CVE-2013-0632
Server-side JavaScript injection
Server-Side Template Injection
Share Possible Remote Code Execution (1.0)
Similar Posts-Best Related Posts for WordPress Remote Code Execution (3.1.5) CVE-2021-24537
Sitecore XP Deserialization RCE (CVE-2021-42237)
Social Media Tab Remote Code Execution (1.0.9)
Social Photo Gallery Remote Code Execution (1.0) CVE-2019-14467
SonicWall SSL-VPN RCE via ShellShock exploit
Spring Boot Whitelabel Error Page SpEL
Spring Data REST RCE via PATCH requests CVE-2017-8046
Statistics Remote Code Execution (1.8)
Struts 2 development mode
Struts2/XWork remote command execution (S2-014) CVE-2013-1966 CVE-2013-2115
Subscribe Form Remote Command Execution (1.1)
Symfony ESI (Edge-Side Includes) enabled
Symfony RCE via weak/predictable APP_SECRET
Symfony weak application secret
Telerik Web UI Insecure Direct Object Reference CVE-2017-11357
Telerik Web UI RadAsyncUpload Deserialization CVE-2019-18935
Telerik Web UI Unrestricted File Upload (CVE-2014-2217) CVE-2014-2217
Telerik Web UI Unrestricted File Upload (CVE-2017-11317) CVE-2017-11317
Text4shell: Apache Commons Text RCE via insecure interpolation CVE-2022-42889
ThemeREX Addons Remote Code Execution (All) CVE-2020-10257
ThinkPHP v5.0.22/5.1.29 Remote Code Execution Vulnerability
Tiki Wiki CMS: Arbitrary Code Execution
Tiki Wiki CMS: Remote Code Execution via Calendar Module
timthumb.php remote code execution CVE-2011-4106
TimThumb WebShot remote code execution
TinyMCE ajax_create_folder remote code execution vulnerability
Ubiquiti Unifi Log4Shell RCE CVE-2021-44228
Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Remote Code Execution (2.0.32)
Umbraco CMS remote code execution
Umbraco CMS TemplateService remote code execution CVE-2013-4793
Unauthenticated OGNL injection in Confluence Server and Data Center CVE-2021-26084
Unauthenticated Remote Code Execution via JSONWS in Liferay 6.1 (LPS-88051)
Unauthenticated Remote Code Execution via JSONWS in Liferay 7.2.0 CE GA1 CVE-2020-0618
Unauthenticated remote code execution vulnerability in Confluence Server and Data Center CVE-2022-26134
UnGallery 'search' Parameter Remote Arbitrary Command Execution (2.1.5)
uWSGI Unauthorized Access Vulnerability
VaultPress Man-in-The-Middle (MiTM) Remote Code Execution (1.8.6)
VaultPress Remote Code Execution (1.9.0)
vBSEO 3.6.0 PHP code injection CVE-2012-5223
vBulletin 5 CONNECT remote code execution
vBulletin 5.x 0day pre-auth RCE
vBulletin PHP object injection vulnerability
vBulletin Pre-Auth RCE Vulnerability CVE-2020-17496
Video Embed & Thumbnail Generator 'kg_callffmpeg.php' Multiple Remote Code Execution Vulnerabilities (1.1) CVE-2012-1785
VMware Horizon Log4Shell RCE CVE-2021-44228
VMware vCenter Log4Shell RCE CVE-2021-44228
VMware vCenter Server Unauthorized Remote Code Execution CVE-2021-21972
VMware Workspace ONE Access SSTI (CVE-2022-22954) CVE-2022-22954
W3 Total Cache PHP Code Injection ( CVE-2013-2010
WebDAV remote code execution
Webmin v1.920 Unauhenticated Remote Command Execution CVE-2019-15107
WooCommerce Possible Remote Code Execution (3.4.5)
WooCommerce Possible Remote Code Execution (3.5.0)
WooCommerce Remote Code Execution (4.0.1)
Woody ad snippets-Insert Header Footer Code, AdSense Ads PHP Code Injection (1.3)
WooFramework shortcode exploit
WordPress 'wp-admin/options.php' Remote Code Execution Vulnerability (0.6.2 - 2.3.2) CVE-2008-5695
WordPress 2.0.2 Username Remote PHP Code Injection Vulnerability (0.6.2 - 2.0.2) CVE-2006-2667 CVE-2006-2702
WordPress 2.1.1 Command Execution Backdoor Vulnerability (2.1.1) CVE-2007-1277
WordPress 2.6.2 Remote Code Execution Vulnerability (0.70 - 2.6.2) CVE-2008-4796
WordPress 5.9.x Shortcode Execution (5.9 - 5.9.6)
WordPress 6.0.x Shortcode Execution (6.0 - 6.0.4)
WordPress 6.1.x Shortcode Execution (6.1 - 6.1.2)
WordPress 6.2.x Shortcode Execution (6.2 - 6.2.1)
WordPress caching plugins PHP code execution CVE-2013-2010
WordPress Cookie Data PHP Code Injection Vulnerability (1.5 - CVE-2005-2612
WordPress Download Manager Remote Code Execution (2.7.4)
WordPress Landing Pages Remote Code Execution (1.9.0) CVE-2015-5227
WordPress Mega Menu-QuadMenu Remote Code Execution (2.0.6)
WordPress OptimizePress unrestricted file upload CVE-2013-7102
WordPress PDF Light Viewer Command Injection (1.4.11) CVE-2021-24684
WordPress Shortcodes-Shortcodes Ultimate Remote Code Execution (5.0.0)
WordPress Super Socialat backdoor plugin
WordPress WP-Advanced-Search Remote Code Execution (3.3.3)
WP-Filebase Download Manager Remote Code Execution (
WP-Live Chat by 3CX Remote Code Execution (7.0.01) CVE-2016-10033 CVE-2016-10045
WP-Stateless-Google Cloud Storage Remote Code Execution (2.2.0)
WP-Syntax Remote PHP Code Execution (0.9.9) CVE-2009-2852
WP E-Signature Remote Code Execution (
wp heyloyalty Remote Code Execution (1.1.4) CVE-2017-9841
WP Hotel Booking Remote Code Execution (1.10.2) CVE-2020-29047
WP Maintenance Mode Remote Code Execution (2.0.6) CVE-2018-20156
WP Super Cache PHP Code Injection (1.2) CVE-2013-2009 CVE-2013-2011
WP Super Cache Remote Code Execution (1.7.1) CVE-2021-24209
wSecure Lite Remote Code Execution (2.3)
Xdebug remote code execution via xdebug.remote_connect_back
Yoast SEO Possible Remote Code Execution (9.1.0) CVE-2018-19370
Zingiri Web Shop 'ajax_save_name.php' Remote Code Execution (2.2.3)