| Vulnerability Name |
CVE
CWE
|
CWE |
Severity |
|
.NET JSON.NET Deserialization RCE
|
CWE-502
|
CWE-502
|
High
|
|
AccessAlly PHP Code Execution (3.3.1)
|
CWE-94
|
CWE-94
|
High
|
|
Ad Inserter-Ad Manager & AdSense Ads Remote Code Execution (2.4.21)
|
CVE-2019-15324
CWE-94
|
CWE-94
|
High
|
|
Advanced Access Manager Arbitrary Code Execution (2.8.2)
|
CVE-2014-6059
CWE-95
|
CWE-95
|
High
|
|
AjaxControlToolkit directory traversal
|
CVE-2015-4670
CWE-434
|
CWE-434
|
High
|
|
AjaxPro.NET Professional Deserialization RCE (CVE-2021-23758)
|
CWE-502
|
CWE-502
|
High
|
|
Ajax Search Lite Remote Command Execution (3.1)
|
CWE-95
|
CWE-95
|
High
|
|
All-in-One WP Migration Remote Code Execution (2.0.2)
|
CVE-2014-8794
CWE-94
|
CWE-94
|
High
|
|
All in One SEO-Best WordPress SEO-Easily Improve SEO Rankings & Increase Traffic Remote Code Execution (4.1.0.1)
|
CVE-2021-24307
CWE-94
|
CWE-94
|
High
|
|
Analytics Remote Code Execution (1.7)
|
CWE-94
|
CWE-94
|
High
|
|
Apache 2.2.14 mod_isapi Dangling Pointer
|
CVE-2010-0425
CWE-20
|
CWE-20
|
High
|
|
Apache 2.x version older than 2.2.3
|
CVE-2006-3747
CWE-189
|
CWE-189
|
Medium
|
|
Apache HTTP Server Insecure Path Normalization (CVE-2021-41773, CVE-2021-42013)
|
CVE-2021-42013
CWE-22
|
CWE-22
|
High
|
|
Apache Log4j2 JNDI Remote Code Execution
|
CVE-2021-44228
CWE-78
|
CWE-78
|
Critical
|
|
Apache Log4j2 JNDI Remote Code Execution (404 page handler)
|
CVE-2021-44228
CWE-78
|
CWE-78
|
Critical
|
|
Apache Log4j2 JNDI Remote Code Execution (delayed)
|
CVE-2021-44228
CWE-78
|
CWE-78
|
Critical
|
|
Apache Log4j2 JNDI Remote Code Execution (per folder)
|
CVE-2021-44228
CWE-78
|
CWE-78
|
Critical
|
|
Apache Log4j socket receiver deserialization vulnerability
|
CVE-2017-5645
CWE-502
|
CWE-502
|
Critical
|
|
Apache mod_rewrite off-by-one buffer overflow vulnerability
|
CVE-2006-3747
CWE-189
|
CWE-189
|
High
|
|
Apache OFBiz Log4Shell RCE
|
CVE-2021-44228
CWE-78
|
CWE-78
|
High
|
|
Apache OFBiz SOAPService Deserialization RCE
|
CVE-2021-26295
CWE-502
|
CWE-502
|
High
|
|
Apache OFBiz XMLRPC Deserialization RCE (CVE-2020-9496)
|
CVE-2020-9496
CWE-502
|
CWE-502
|
High
|
|
Apache Shiro Deserialization RCE
|
CVE-2016-4437
CWE-78
|
CWE-78
|
High
|
|
Apache Solr Deserialization of untrusted data via jmx.serviceUrl
|
CVE-2019-0192
|
|
High
|
|
Apache Solr Log4Shell RCE
|
CVE-2021-44228
CWE-78
|
CWE-78
|
High
|
|
Apache Solr SSRF CVE-2017-3164
|
CWE-918
|
CWE-918
|
Medium
|
|
Apache Struts 2 ClassLoader manipulation and denial of service
|
CVE-2014-0112
CVE-2014-0113
CVE-2014-0114
CWE-701
|
CWE-701
|
High
|
|
Apache Struts 2 ClassLoader manipulation and denial of service (S2-020)
|
CVE-2014-0094
CVE-2014-0050
CWE-701
|
CWE-701
|
High
|
|
Apache Struts2 remote code execution vulnerability
|
CVE-2016-0785
CWE-78
|
CWE-78
|
Critical
|
|
Apache Struts2 Remote Command Execution (S2-048)
|
CVE-2017-9791
CWE-94
|
CWE-94
|
High
|
|
Apache Struts2 Remote Command Execution (S2-052)
|
CVE-2017-9805
CWE-94
|
CWE-94
|
High
|
|
Apache Struts2 Remote Command Execution (S2-053)
|
CVE-2017-12611
CWE-94
|
CWE-94
|
Critical
|
|
Apache Struts Remote Code Execution (S2-057)
|
CVE-2018-11776
CWE-917
|
CWE-917
|
High
|
|
Apache Tapestry Unauthenticated RCE (CVE-2019-0195, CVE-2021-27850)
|
CVE-2021-27850
CWE-200
|
CWE-200
|
High
|
|
Apache Tomcat Remote Code Execution Vulnerability
|
CVE-2017-12615
CWE-94
|
CWE-94
|
High
|
|
Apache Unomi MVEL RCE (CVE-2020-13942)
|
CVE-2020-13942
CWE-20
|
CWE-20
|
High
|
|
Arbitrary EL Evaluation in RichFaces
|
CWE-917
|
CWE-917
|
High
|
|
Argument Injection
|
CWE-88
|
CWE-88
|
High
|
|
Arigato Autoresponder and Newsletter Remote Code Execution (2.5.1.9)
|
CVE-2018-18461
CWE-94
|
CWE-94
|
High
|
|
Atlassian Crowd Remote Code Execution
|
CVE-2019-11580
CWE-78
|
CWE-78
|
High
|
|
Authentication bypass via MongoDB operator injection
|
CWE-943
|
CWE-943
|
High
|
|
BackWPup Remote and Local Code Execution (1.6.1)
|
CVE-2011-4342
CVE-2011-5208
CWE-22
CWE-94
|
CWE-22
CWE-94
|
High
|
|
Bash code injection vulnerability
|
CVE-2014-6271
CWE-78
|
CWE-78
|
Critical
|
|
Best Seo Remote Code Execution (1.5)
|
CWE-94
|
CWE-94
|
High
|
|
BigIP iRule Tcl code injection
|
CWE-78
|
CWE-78
|
High
|
|
BJ Lazy Load Remote Code Execution (0.7.5)
|
CWE-94
|
CWE-94
|
High
|
|
Bonita Authorization Bypass (CVE-2022-25237)
|
CVE-2022-25237
CWE-863
|
CWE-863
|
High
|
|
Broadcast Live Video-Live Streaming:HTML5, WebRTC, HLS, RTSP, RTMP Remote Code Execution (5.5.15)
|
CVE-2023-25699
CWE-94
|
CWE-94
|
High
|
|
CakePHP 1.3.5 / 1.2.8 unserialize() vulnerability
|
CVE-2010-4335
CWE-20
|
CWE-20
|
High
|
|
Catch Themes Demo Import Remote Code Execution (2.1)
|
CVE-2022-0440
CWE-94
|
CWE-94
|
High
|
|
Check for apache versions up to 1.3.25, 2.0.38
|
CVE-2002-0392
CWE-119
|
CWE-119
|
High
|
|
Citrix ADC/Gateway Unauthenticated Remote Code Execution
|
CVE-2019-19781
CWE-22
|
CWE-22
|
High
|
|
CiviCRM Remote Code Execution (5.24.2)
|
CVE-2020-36388
CWE-502
|
CWE-502
|
High
|
|
Cmd hijack vulnerability
|
CWE-94
|
CWE-94
|
High
|
|
CM Download Manager Code Injection (2.0.3)
|
CVE-2014-8877
CWE-95
|
CWE-95
|
High
|
|
Code Evaluation (Apache Struts) S2-016
|
CVE-2013-2251
CWE-20
|
CWE-20
|
Critical
|
|
Code Evaluation (Apache Struts) S2-045
|
CVE-2017-5638
CWE-94
|
CWE-94
|
Critical
|
|
Code Evaluation (Apache Struts) S2-046
|
CVE-2017-5638
CWE-94
|
CWE-94
|
High
|
|
Code Evaluation (ASP)
|
CWE-95
|
CWE-95
|
Critical
|
|
Code Evaluation (PHP)
|
CWE-94
|
CWE-94
|
Critical
|
|
Code Evaluation (Python)
|
CWE-95
|
CWE-95
|
Critical
|
|
Code Evaluation (Ruby)
|
CWE-94
|
CWE-94
|
Critical
|
|
CodeIgniter weak encryption key
|
CWE-200
|
CWE-200
|
High
|
|
ColdFusion 8 FCKEditor file upload vulnerability
|
CVE-2009-2265
CWE-22
|
CWE-22
|
High
|
|
ColdFusion Access Control bypass with WDDX Deserialization RCE (CVE-2023-29298/CVE-2023-29300)
|
CVE-2023-29298
CVE-2023-29300
CWE-502
|
CWE-502
|
High
|
|
ColdFusion AMF Deserialization RCE
|
CVE-2017-3066
CWE-502
|
CWE-502
|
High
|
|
ColdFusion CFC Deserialization RCE (CVE-2023-26359/CVE-2023-26360)
|
CVE-2023-26359
CWE-502
|
CWE-502
|
High
|
|
ColdFusion FlashGateway Deserialization RCE CVE-2019-7091
|
CVE-2019-7091
CWE-502
|
CWE-502
|
High
|
|
ColdFusion JNDI injection RCE
|
CVE-2018-15957
CWE-502
|
CWE-502
|
High
|
|
Coming Soon Possible Remote Code Execution (1.1.3)
|
CVE-2016-10033
CVE-2016-10045
CWE-94
|
CWE-94
|
High
|
|
Command Injection
|
CWE-94
|
CWE-94
|
Critical
|
|
Cool Video Gallery Command Injection (1.9)
|
CVE-2015-7527
CWE-94
|
CWE-94
|
High
|
|
Custom Content Type Manager Remote Code Execution (0.9.8.5)
|
CVE-2015-3173
CWE-94
|
CWE-94
|
High
|
|
Database User Has Admin Privileges
|
CWE-267
|
CWE-267
|
High
|
|
Data Binding Expression Vulnerability in Spring Web Flow
|
CVE-2017-4971
CWE-78
|
CWE-78
|
High
|
|
Divi Builder PHP Code Injection (4.0.9)
|
CWE-95
|
CWE-95
|
High
|
|
DotCMS unrestricted file upload (CVE-2022-26352)
|
CVE-2022-26352
CWE-434
|
CWE-434
|
High
|
|
Drupal 7 arbitrary PHP code execution and information disclosure
|
CVE-2012-4553
CVE-2012-4554
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 4.6.x Arbitrary Code Execution (4.6.0 - 4.6.6)
|
CVE-2006-2743
CWE-95
|
CWE-95
|
High
|
|
Drupal Core 4.6.x Arbitrary Code Execution (4.6.0 - 4.6.7)
|
CVE-2006-2831
CWE-95
|
CWE-95
|
High
|
|
Drupal Core 4.7.x Arbitrary Code Execution (4.7.0 - 4.7.5)
|
CVE-2007-0626
CWE-95
|
CWE-95
|
High
|
|
Drupal Core 4.7.x Arbitrary Code Execution (4.7.0)
|
CVE-2006-2743
CWE-95
|
CWE-95
|
High
|
|
Drupal Core 5.x Arbitrary Code Execution (5.0 - 5.2)
|
CVE-2007-5593
CWE-95
|
CWE-95
|
High
|
|
Drupal Core 5.x Arbitrary Code Execution (5.0)
|
CVE-2007-0626
CWE-95
|
CWE-95
|
High
|
|
Drupal Core 6.x Remote Code Execution (6.0 - 6.38)
|
CVE-2018-7600
CWE-94
|
CWE-94
|
High
|
|
Drupal Core 7.x Remote Code Execution (7.0 - 7.57)
|
CVE-2018-7600
CWE-94
|
CWE-94
|
High
|
|
Drupal Core 7.x Remote Code Execution (7.0 - 7.58)
|
CVE-2018-7602
CWE-94
|
CWE-94
|
High
|
|
Drupal Core 7.x Remote Code Execution (7.0 - 7.73)
|
CVE-2020-13671
CWE-434
|
CWE-434
|
High
|
|
Drupal Core 7.x Remote Code Execution (7.0 - 7.74)
|
CVE-2020-28948
CVE-2020-28949
CWE-434
|
CWE-434
|
High
|
|
Drupal Core 8.4.x Remote Code Execution (8.4.0 - 8.4.5)
|
CVE-2018-7600
CWE-94
|
CWE-94
|
High
|
|
Drupal Core 8.4.x Remote Code Execution (8.4.0 - 8.4.7)
|
CVE-2018-7602
CWE-94
|
CWE-94
|
High
|
|
Drupal Core 8.5.0 Remote Code Execution (8.5.0)
|
CVE-2018-7600
CWE-94
|
CWE-94
|
High
|
|
Drupal Core 8.5.x Remote Code Execution (8.5.0 - 8.5.2)
|
CVE-2018-7602
CWE-94
|
CWE-94
|
High
|
|
Drupal Core 8.5.x Remote Code Execution (8.5.0 - 8.5.10)
|
CVE-2019-6340
CWE-94
|
CWE-94
|
High
|
|
Drupal Core 8.6.x Remote Code Execution (8.6.0 - 8.6.9)
|
CVE-2019-6340
CWE-94
|
CWE-94
|
High
|
|
Drupal Core 8.8.x Remote Code Execution (8.8.0 - 8.8.7)
|
CVE-2020-13664
CWE-94
|
CWE-94
|
High
|
|
Drupal Core 8.8.x Remote Code Execution (8.8.0 - 8.8.10)
|
CVE-2020-13671
CWE-434
|
CWE-434
|
High
|
|
Drupal Core 8.8.x Remote Code Execution (8.8.0 - 8.8.11)
|
CVE-2020-28948
CVE-2020-28949
CWE-434
|
CWE-434
|
High
|
|
Drupal Core 8.9.0 Remote Code Execution (8.9.0)
|
CVE-2020-13664
CWE-94
|
CWE-94
|
High
|
|
Drupal Core 8.9.x Remote Code Execution (8.9.0 - 8.9.8)
|
CVE-2020-13671
CWE-434
|
CWE-434
|
High
|
|
Drupal Core 8.9.x Remote Code Execution (8.9.0 - 8.9.9)
|
CVE-2020-28948
CVE-2020-28949
CWE-434
|
CWE-434
|
High
|
|
Drupal Core 8.x.x Remote Code Execution (8.0.0 - 8.3.8)
|
CVE-2018-7600
CWE-94
|
CWE-94
|
High
|
|
Drupal Core 8.x.x Remote Code Execution (8.0.0 - 8.4.8)
|
CVE-2019-6340
CWE-94
|
CWE-94
|
High
|
|
Drupal Core 8.x.x Remote Code Execution (8.0.0 - 8.7.14)
|
CVE-2020-13664
CWE-94
|
CWE-94
|
High
|
|
Drupal Core 9.0.0 Remote Code Execution (9.0.0)
|
CVE-2020-13664
CWE-94
|
CWE-94
|
High
|
|
Drupal Core 9.0.x Remote Code Execution (9.0.0 - 9.0.7)
|
CVE-2020-13671
CWE-434
|
CWE-434
|
High
|
|
Drupal Core 9.0.x Remote Code Execution (9.0.0 - 9.0.8)
|
CVE-2020-28948
CVE-2020-28949
CWE-434
|
CWE-434
|
High
|
|
Drupal Core 9.3.x Remote Code Execution (9.3.0 - 9.3.18)
|
CVE-2022-25277
CWE-434
|
CWE-434
|
High
|
|
Drupal Core 9.4.x Remote Code Execution (9.4.0 - 9.4.2)
|
CVE-2022-25277
CWE-434
|
CWE-434
|
High
|
|
Drupal Core Remote Code Execution (8.0.0 - 9.2.21)
|
CVE-2022-25277
CWE-434
|
CWE-434
|
High
|
|
Drupal Remote Code Execution (SA-CORE-2018-002)
|
CVE-2018-7600
CWE-94
|
CWE-94
|
High
|
|
Drupal Remote Code Execution (SA-CORE-2018-004)
|
CVE-2018-7602
CWE-94
|
CWE-94
|
High
|
|
Drupal REST Remote Code Execution
|
CVE-2019-6340
CWE-78
|
CWE-78
|
High
|
|
Duplicator-WordPress Migration Remote Code Execution (1.2.40)
|
CWE-94
|
CWE-94
|
High
|
|
Dynamic Content for Elementor Remote Code Execution (1.9.5.6)
|
CVE-2020-26596
CWE-94
|
CWE-94
|
High
|
|
Easy Forms for Mailchimp PHP Code Injection (6.5.2)
|
CVE-2019-15318
CWE-95
|
CWE-95
|
High
|
|
Ektron CMS multiple vulnerabilities
|
CWE-434
|
CWE-434
|
High
|
|
EktronCMS Saxon XSLT parser remote code execution
|
CVE-2015-0931
CWE-78
|
CWE-78
|
High
|
|
Ektron CMS unauthenticated code execution and Local File Read
|
CVE-2012-5357
CVE-2012-5358
CWE-20
|
CWE-20
|
High
|
|
Elasticsearch remote code execution
|
CVE-2014-3120
CWE-78
|
CWE-78
|
High
|
|
elFinder RCE (CVE-2021-32682)
|
CVE-2021-32682
CWE-22
|
CWE-22
|
High
|
|
eShop Code Injection (6.3.11)
|
CVE-2015-3421
CWE-94
|
CWE-94
|
High
|
|
EWWW Image Optimizer Remote Code Execution (2.8.3)
|
CWE-94
|
CWE-94
|
High
|
|
EZPZ One Click Backup Remote Code Execution (12.03.10)
|
CVE-2014-3114
CWE-78
|
CWE-78
|
High
|
|
F5 BIG-IP Traffic Management User Interface (TMUI) RCE
|
CVE-2020-5902
CWE-78
|
CWE-78
|
High
|
|
F5 iControl REST unauthenticated remote command execution vulnerability
|
CVE-2021-22986
CWE-78
|
CWE-78
|
High
|
|
FastCGI Unauthorized Access Vulnerability
|
CWE-78
|
CWE-78
|
High
|
|
Fast Secure Contact Form Remote Code Execution (4.0.44)
|
CVE-2016-10033
CVE-2016-10045
CWE-94
|
CWE-94
|
High
|
|
Feedify Remote Code Execution (2.0.0)
|
CWE-94
|
CWE-94
|
High
|
|
File Gallery Remote Code Execution (1.7.9)
|
CVE-2014-2558
CWE-94
|
CWE-94
|
High
|
|
File Manager Remote Code Execution (4.5)
|
CWE-94
|
CWE-94
|
High
|
|
Five Star Restaurant Menu-WordPress Ordering Remote Code Execution (2.2.0)
|
CVE-2020-29045
CWE-502
|
CWE-502
|
High
|
|
Flamingo Code Injection (1.1)
|
CWE-95
|
CWE-95
|
High
|
|
Flask debug mode
|
CWE-489
|
CWE-489
|
High
|
|
Flex BlazeDS AMF Deserialization RCE
|
CVE-2017-5641
CWE-502
|
CWE-502
|
High
|
|
ForgeRock AM / OpenAM Deserialization RCE (CVE-2021-35464)
|
CVE-2021-35464
CWE-502
|
CWE-502
|
High
|
|
Formidable Forms-Contact Form, Survey, Quiz, Calculator & Custom Form Builder Remote Code Execution (2.05.01)
|
CWE-94
|
CWE-94
|
High
|
|
Form Manager Remote Command Execution (1.7.2)
|
CVE-2015-7806
CWE-94
|
CWE-94
|
High
|
|
Fortinet Authentication bypass on administrative interface
|
CVE-2022-40684
CWE-288
|
CWE-288
|
High
|
|
Fortinet FortiNAC RCE via arbitrary file upload
|
CVE-2022-39952
CWE-610
|
CWE-610
|
High
|
|
Gallery 3.0.4 remote code execution
|
CWE-20
|
CWE-20
|
High
|
|
Gantry 4 Framework Remote Command Execution (4.1.3)
|
CWE-95
|
CWE-95
|
High
|
|
GhostScript RCE (Remote Code Execution)
|
CVE-2016-3714
CWE-78
|
CWE-78
|
Critical
|
|
GitLab ExifTool RCE (CVE-2021-22205)
|
CVE-2021-22205
CWE-918
|
CWE-918
|
High
|
|
Global Content Blocks PHP Code Execution and Information Disclosure Vulnerabilities (1.5.1)
|
CWE-95
CWE-200
|
CWE-95
CWE-200
|
High
|
|
GoAhead web server remote code execution
|
CVE-2017-17562
CWE-94
|
CWE-94
|
High
|
|
Google Map Remote Code Execution (1.0)
|
CWE-94
|
CWE-94
|
High
|
|
Grafana avatar SSRF
|
CVE-2020-13379
CWE-78
|
CWE-78
|
High
|
|
Grav CMS Unauthenticated RCE (CVE-2021-21425)
|
CWE-284
|
CWE-284
|
High
|
|
Groundhogg-Marketing Automation & CRM for WordPress Remote Code Execution (1.3.4)
|
CVE-2019-15647
CWE-94
|
CWE-94
|
High
|
|
Gutenberg Block Editor Toolkit-EditorsKit Remote Code Execution (1.31.5)
|
CVE-2021-24546
CWE-94
|
CWE-94
|
High
|
|
Hashicorp Consul API is accessible without authentication
|
CWE-200
|
CWE-200
|
Medium
|
|
HipChat for JIRA plugin - Velocity template injection
|
CVE-2015-5603
CWE-94
|
CWE-94
|
High
|
|
Horde/IMP Plesk webmail exploit
|
CWE-20
|
CWE-20
|
High
|
|
Horde Imp Unauthenticated Remote Command Execution
|
CVE-2018-19518
CWE-94
|
CWE-94
|
High
|
|
Horde remote code execution
|
CVE-2014-1691
CWE-94
|
CWE-94
|
High
|
|
HTTP.sys remote code execution vulnerability
|
CVE-2015-1635
CWE-119
|
CWE-119
|
High
|
|
IBM WebSphere RCE Java Deserialization Vulnerability
|
CVE-2015-7450
CWE-502
|
CWE-502
|
High
|
|
ImageMagick remote code execution
|
CVE-2016-3714
CWE-78
|
CWE-78
|
High
|
|
Include Me Remote Code Execution (1.2.1)
|
CVE-2021-24453
CWE-94
|
CWE-94
|
High
|
|
Insert or Embed Articulate Content into WordPress Remote Code Execution (4.2997)
|
CVE-2019-15649
CWE-94
|
CWE-94
|
High
|
|
Invision Power Board version 3.3.4 unserialize PHP code execution
|
CVE-2012-5692
CWE-20
|
CWE-20
|
High
|
|
is_human() 'type' Parameter Remote Command Injection (1.4.2)
|
CWE-95
|
CWE-95
|
High
|
|
iThemes Exchange:Simple WP Ecommerce Remote Code Execution (1.14.0)
|
CWE-94
|
CWE-94
|
High
|
|
Java Debug Wire Protocol remote code execution
|
CWE-94
|
CWE-94
|
High
|
|
Jboss Application Server HTTPServerILServlet.java remote code execution
|
CVE-2017-7504
CWE-502
|
CWE-502
|
High
|
|
JBoss InvokerTransformer Remote Code Execution
|
CVE-2015-7501
CWE-502
|
CWE-502
|
High
|
|
JBoss Seam framework remote code execution
|
CVE-2010-1871
CWE-94
|
CWE-94
|
High
|
|
Jekyll Exporter Remote Code Execution (2.2.0)
|
CVE-2017-9841
CWE-94
|
CWE-94
|
High
|
|
Joomla! Core 3.9.x Remote Code Execution (3.9.7 - 3.9.8)
|
CVE-2019-14654
CWE-94
|
CWE-94
|
High
|
|
Joomla! Core 3.x.x Remote Code Execution (3.7.0 - 3.8.7)
|
CVE-2018-11321
CWE-94
|
CWE-94
|
High
|
|
Joomla! Core Remote Code Execution (1.5.0 - 3.4.5)
|
CVE-2015-8562
CWE-94
|
CWE-94
|
High
|
|
Joomla! JCE arbitrary file upload
|
CWE-20
|
CWE-20
|
High
|
|
Joomla! JomSocial remote code execution
|
CWE-94
|
CWE-94
|
High
|
|
Joomla! remote code execution vulnerability
|
CVE-2015-8562
CWE-94
|
CWE-94
|
High
|
|
Kanzu Support Desk-WordPress Helpdesk Remote Code Execution (2.4.6)
|
CWE-94
|
CWE-94
|
High
|
|
Liferay TunnelServlet Deserialization Remote Code Execution
|
CWE-502
|
CWE-502
|
High
|
|
Liferay version older than 7.0
|
CWE-502
|
CWE-502
|
High
|
|
Liferay version older than 7.1
|
CWE-918
|
CWE-918
|
Medium
|
|
Liferay XMLRPC Blind SSRF
|
CWE-918
|
CWE-918
|
Medium
|
|
Lightbox Jquery Possible Remote Code Execution (0.24)
|
CWE-94
|
CWE-94
|
High
|
|
Loco Translate PHP Code Injection (2.5.3)
|
CVE-2021-24721
CWE-95
|
CWE-95
|
High
|
|
Lotus Notes formula injection
|
CWE-89
|
CWE-89
|
High
|
|
Magento remote code execution
|
CVE-2015-1397
CVE-2015-1398
CVE-2015-1399
CWE-94
|
CWE-94
|
High
|
|
MailPress Remote Code Execution (7.0.2)
|
CWE-94
|
CWE-94
|
High
|
|
Maintenance Mode Under Construction Page Landing Page Possible Remote Code Execution (1.0.9)
|
CVE-2016-10033
CVE-2016-10045
CWE-94
|
CWE-94
|
High
|
|
ManageEngine Desktop Central Deserialization RCE (CVE-2020-10189)
|
CVE-2020-10189
CWE-502
|
CWE-502
|
High
|
|
Master Popups Remote Code Execution (1.0.0)
|
CWE-94
|
CWE-94
|
High
|
|
MediaWiki remote code execution
|
CVE-2014-1610
CWE-20
|
CWE-20
|
High
|
|
Microsoft Exchange Server Pre-auth Path Confusion vulnerability (CVE-2021-34473)
|
CVE-2021-34473
CWE-918
|
CWE-918
|
High
|
|
Microsoft Exchange Server Server-Side Request Forgery (SSRF) vulnerability
|
CVE-2021-26855
CWE-918
|
CWE-918
|
High
|
|
Microsoft IIS 6.0 WebDAV Buffer Overflow
|
CVE-2017-7269
CWE-287
|
CWE-287
|
High
|
|
Missing Authentication Check in SAP Solution Manager
|
CVE-2020-6207
CWE-287
|
CWE-287
|
High
|
|
MobileIron Log4Shell RCE
|
CVE-2021-44228
CWE-78
|
CWE-78
|
High
|
|
MobileIron Remote Code Execution via LogService
|
CVE-2020-15505
CWE-78
|
CWE-78
|
High
|
|
MobiLoud-WordPress Mobile Apps-Convert your WordPress Website to Native Mobile Apps Remote Code Execution (4.0.1)
|
CWE-94
|
CWE-94
|
High
|
|
MoinMoin CVE-2012-6081 multiple arbitrary code execution vulnerabilities
|
CVE-2012-6081
CWE-434
|
CWE-434
|
High
|
|
MongoDB $where operator JavaScript injection
|
CWE-943
|
CWE-943
|
High
|
|
MongoDB injection
|
CWE-943
|
CWE-943
|
High
|
|
MovableType remote code execution
|
CVE-2015-1592
CWE-94
|
CWE-94
|
High
|
|
Moveable Type 4.x unauthenticated remote command execution
|
CVE-2013-0209
CWE-287
|
CWE-287
|
High
|
|
Multiple critical vulnerabilities in Apache Struts2
|
CVE-2012-0393
CWE-264
|
CWE-264
|
High
|
|
Multiple vulnerabilities reported in Parallels Plesk Sitebuilder
|
CWE-94
|
CWE-94
|
High
|
|
Nagios XI Magpie_debug.php Unauthenticated RCE
|
CVE-2018-15708
CWE-94
|
CWE-94
|
High
|
|
Nette framework PHP code injection via callback
|
CVE-2020-15227
CWE-94
|
CWE-94
|
High
|
|
Newsletter Subscription Form Possible Remote Code Execution (1.1.2)
|
CVE-2016-10033
CVE-2016-10045
CWE-94
|
CWE-94
|
High
|
|
NextGEN Gallery-WordPress Gallery Remote Code Execution (2.1.59)
|
CWE-94
|
CWE-94
|
High
|
|
Nginx PHP code execution via FastCGI
|
CWE-94
|
CWE-94
|
High
|
|
Nginx stack-based buffer overflow
|
CVE-2013-2028
CWE-189
|
CWE-189
|
High
|
|
Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress PHP Code Injection (3.6.10)
|
CWE-94
|
CWE-94
|
High
|
|
node-serialize Insecure Deserialization
|
CVE-2017-5941
CWE-502
|
CWE-502
|
High
|
|
Node.js Debugger Unauthorized Access Vulnerability
|
CWE-200
|
CWE-200
|
High
|
|
Node.js Inspector Unauthorized Access Vulnerability
|
CWE-200
|
CWE-200
|
High
|
|
open-flash-chart-core Remote Code Execution (0.4)
|
CVE-2009-4140
CWE-434
|
CWE-434
|
High
|
|
OpenX 2.8.10 backdoor
|
CVE-2013-4211
CWE-95
|
CWE-95
|
High
|
|
OpenX arbitrary file upload
|
CVE-2009-4140
CWE-434
|
CWE-434
|
High
|
|
Oracle Access Manager 'opensso' Deserialization RCE (CVE-2021-35587)
|
CVE-2021-35587
CWE-502
|
CWE-502
|
High
|
|
Oracle ADF Faces 'Miracle' RCE (CVE-2022-21445)
|
CVE-2022-21445
CWE-502
|
CWE-502
|
High
|
|
Oracle Business Intelligence AMF Deserialization RCE CVE-2020-2950
|
CVE-2020-2950
CWE-502
|
CWE-502
|
High
|
|
Oracle E-Business Suite Unauthenticated Remote Code Execution
|
CVE-2022-21587
CWE-94
|
CWE-94
|
High
|
|
Oracle Reports rwservlet vulnerabilities
|
CVE-2012-3152
CVE-2012-3153
CWE-20
|
CWE-20
|
High
|
|
Oracle Sun GlassFish/Java System Application Server Remote Authentication Bypass Vulnerability
|
CVE-2011-0807
CWE-287
|
CWE-287
|
High
|
|
Oracle Weblogic Async Component Deserialization RCE CVE-2019-2725
|
CVE-2019-2725
CWE-94
|
CWE-94
|
High
|
|
Oracle WebLogic Remote Code Execution (CVE-2020-14882)
|
CVE-2020-14882
CWE-78
|
CWE-78
|
Critical
|
|
Oracle WebLogic Remote Code Execution via IIOP
|
CVE-2020-2551
CWE-502
|
CWE-502
|
High
|
|
Oracle WebLogic Remote Code Execution via T3
|
CVE-2018-3245
CWE-502
|
CWE-502
|
High
|
|
Oracle Weblogic WLS-WSAT Component Deserialization RCE
|
CVE-2017-3506
CVE-2017-10271
CWE-94
|
CWE-94
|
High
|
|
Perl code injection
|
CWE-94
|
CWE-94
|
Critical
|
|
Photo Gallery, Images, Slider in Rbs Image Gallery Remote Code Execution (2.0.14)
|
CWE-94
|
CWE-94
|
High
|
|
PHP-CGI remote code execution
|
CVE-2012-1823
CVE-2012-2311
CWE-20
|
CWE-20
|
High
|
|
PHP4 IMAP module buffer overflow vulnerability
|
CWE-119
|
CWE-119
|
Medium
|
|
PHP4 multiple vulnerabilities
|
CVE-2003-0860
CVE-2003-0861
CWE-119
|
CWE-119
|
High
|
|
PHP 4.3.0 file disclosure and possible code execution
|
CVE-2003-0097
CWE-20
|
CWE-20
|
Medium
|
|
PHP 5.3.9 remote code execution
|
CVE-2012-0830
CWE-399
|
CWE-399
|
High
|
|
PHP code injection (pmwiki)
|
CWE-94
|
CWE-94
|
High
|
|
PHP curl_exec() url is controlled by user
|
CVE-2009-0037
CWE-352
|
CWE-352
|
Medium
|
|
PHP eval() used on user input
|
CWE-95
|
CWE-95
|
Medium
|
|
PHP Everywhere Multiple Remote Code Execution Vulnerabilities (2.0.3)
|
CVE-2022-24663
CVE-2022-24664
CVE-2022-24665
CWE-94
|
CWE-94
|
High
|
|
PHP HTTP POST incorrect MIME header parsing vulnerability
|
CVE-2002-0717
CWE-20
|
CWE-20
|
Medium
|
|
phpMoAdmin remote code execution
|
CWE-95
|
CWE-95
|
High
|
|
phpMyAdmin v3.5.2.2 backdoor
|
CVE-2012-5159
CWE-95
|
CWE-95
|
High
|
|
PHP object deserialization of user-supplied data
|
CWE-20
|
CWE-20
|
Medium
|
|
PHP preg_replace used on user input
|
CWE-20
|
CWE-20
|
Medium
|
|
PHP Speedy 'admin_container.php' Remote PHP Code Execution (0.5.2)
|
CWE-94
|
CWE-94
|
High
|
|
phpThumb() fltr[] parameter command injection vulnerability
|
CVE-2010-1598
CWE-20
|
CWE-20
|
High
|
|
PHPUnit Remote Code Execution
|
CVE-2017-9841
CWE-94
|
CWE-94
|
High
|
|
PHP unserialize() used on user input
|
CWE-20
|
CWE-20
|
Medium
|
|
PHP version older than 4.3.8
|
CVE-2004-0594
CVE-2004-0595
CWE-1104
|
CWE-1104
|
Medium
|
|
PHP version older than 5.2.1
|
CVE-2007-1376
CVE-2007-1380
CVE-2007-1453
CVE-2007-1454
CWE-1104
|
CWE-1104
|
High
|
|
PHP version older than 5.2.3
|
CVE-2007-1900
CVE-2007-2756
CVE-2007-2872
CWE-1104
|
CWE-1104
|
High
|
|
PHP version older than 5.2.5
|
CVE-2007-4840
CVE-2007-4887
CVE-2007-5898
CVE-2007-5899
CVE-2007-5900
CWE-1104
|
CWE-1104
|
High
|
|
PHP version older than 5.2.6
|
CVE-2007-4850
CVE-2008-0599
CVE-2008-0674
CVE-2008-1384
CVE-2008-2050
CVE-2008-2051
CWE-1104
|
CWE-1104
|
High
|
|
Plainview Activity Monitor Remote Command Execution (20161228)
|
CVE-2018-15877
CWE-94
|
CWE-94
|
High
|
|
Plone arbitrary code execution
|
CVE-2011-3587
CWE-78
|
CWE-78
|
High
|
|
PrimeFaces 5.x Expression Language injection
|
CVE-2017-1000486
|
|
High
|
|
Product Lister for Walmart Remote Code Execution (1.0.1)
|
CVE-2017-9841
CWE-94
|
CWE-94
|
High
|
|
ProfileGrid-User Profiles, Memberships, Groups and Communities Remote Code Execution (2.8.5)
|
CVE-2019-15873
CWE-94
|
CWE-94
|
High
|
|
PropertyHive Remote Code Execution (1.4.25)
|
CWE-94
|
CWE-94
|
High
|
|
Python Debugger Unauthorized Access Vulnerability
|
CWE-200
|
CWE-200
|
High
|
|
Python object deserialization of user-supplied data
|
CWE-20
|
CWE-20
|
Medium
|
|
Rails remote code execution using render :inline
|
CVE-2016-2098
CWE-94
|
CWE-94
|
High
|
|
RCE in SQL Server Reporting Services (SSRS)
|
CVE-2020-0618
CWE-78
|
CWE-78
|
High
|
|
RCE with Spring Data Commons
|
CVE-2018-1273
CWE-94
|
CWE-94
|
High
|
|
Reflected Cross-Site Scripting (XSS) vulnerability in PAN-OS management web interface
|
CVE-2020-2036
CWE-79
|
CWE-79
|
High
|
|
Remote Code Execution (RCE) in Spring Security OAuth
|
CVE-2016-4977
CWE-94
|
CWE-94
|
High
|
|
Remote Code Execution (Spring4Shell)
|
CVE-2022-22965
CWE-94
|
CWE-94
|
Critical
|
|
Remote code execution in bootstrap-sass 3.2.0.3
|
CVE-2019-10842
CWE-95
|
CWE-95
|
High
|
|
Remote code execution of user-provided local names in Rails
|
CVE-2020-8163
CWE-94
|
CWE-94
|
High
|
|
Remote code execution vulnerability in WordPress Duplicator
|
CWE-98
|
CWE-98
|
High
|
|
Ruby on Rails directory traversal vulnerability
|
CVE-2014-0130
CWE-22
|
CWE-22
|
High
|
|
Ruby on Rails DoubleTap RCE (CVE-2019-5420)
|
CWE-502
|
CWE-502
|
High
|
|
Ruby on Rails weak/known secret token
|
CVE-2013-0156
CWE-200
|
CWE-200
|
High
|
|
SAP Hybris Deserialization RCE
|
CWE-502
|
CWE-502
|
High
|
|
SAP NetWeaver ConfigServlet remote command execution
|
CWE-94
|
CWE-94
|
High
|
|
Secure File Manager Remote Code Execution (2.8.1)
|
CVE-2020-35235
CWE-94
|
CWE-94
|
High
|
|
Security update: Hotfix available for ColdFusion
|
CVE-2013-0625
CVE-2013-0629
CVE-2013-0631
CVE-2013-0632
CWE-255
|
CWE-255
|
High
|
|
Server-side JavaScript injection
|
CWE-20
|
CWE-20
|
High
|
|
Server-Side Template Injection
|
CWE-20
|
CWE-20
|
Critical
|
|
Share Possible Remote Code Execution (1.0)
|
CWE-94
|
CWE-94
|
High
|
|
Similar Posts-Best Related Posts for WordPress Remote Code Execution (3.1.5)
|
CVE-2021-24537
CWE-94
|
CWE-94
|
High
|
|
Sitecore XP Deserialization RCE (CVE-2021-42237)
|
CWE-502
|
CWE-502
|
High
|
|
Social Media Tab Remote Code Execution (1.0.9)
|
CWE-94
|
CWE-94
|
High
|
|
Social Photo Gallery Remote Code Execution (1.0)
|
CVE-2019-14467
CWE-94
|
CWE-94
|
High
|
|
SonicWall SSL-VPN 8.0.0.0 RCE via ShellShock exploit
|
CWE-78
|
CWE-78
|
High
|
|
Spring Boot Whitelabel Error Page SpEL
|
CWE-94
|
CWE-94
|
High
|
|
Spring Data REST RCE via PATCH requests
|
CVE-2017-8046
CWE-94
|
CWE-94
|
High
|
|
Statistics Remote Code Execution (1.8)
|
CWE-94
|
CWE-94
|
High
|
|
Struts 2 development mode
|
CWE-489
|
CWE-489
|
High
|
|
Struts2/XWork remote command execution (S2-014)
|
CVE-2013-1966
CVE-2013-2115
CWE-94
|
CWE-94
|
High
|
|
Subscribe Form Remote Command Execution (1.1)
|
CWE-94
|
CWE-94
|
High
|
|
Symfony ESI (Edge-Side Includes) enabled
|
CWE-16
|
CWE-16
|
Low
|
|
Symfony RCE via weak/predictable APP_SECRET
|
CWE-94
|
CWE-94
|
High
|
|
Symfony weak application secret
|
CWE-94
|
CWE-94
|
High
|
|
Telerik Web UI Insecure Direct Object Reference
|
CVE-2017-11357
CWE-78
|
CWE-78
|
High
|
|
Telerik Web UI RadAsyncUpload Deserialization
|
CVE-2019-18935
CWE-78
|
CWE-78
|
High
|
|
Telerik Web UI Unrestricted File Upload (CVE-2014-2217)
|
CVE-2014-2217
CWE-78
|
CWE-78
|
High
|
|
Telerik Web UI Unrestricted File Upload (CVE-2017-11317)
|
CVE-2017-11317
CWE-78
|
CWE-78
|
High
|
|
Text4shell: Apache Commons Text RCE via insecure interpolation
|
CVE-2022-42889
CWE-94
|
CWE-94
|
Critical
|
|
ThemeREX Addons Remote Code Execution (All)
|
CVE-2020-10257
CWE-94
|
CWE-94
|
High
|
|
ThinkPHP v5.0.22/5.1.29 Remote Code Execution Vulnerability
|
CWE-94
|
CWE-94
|
High
|
|
Tiki Wiki CMS: Arbitrary Code Execution
|
|
|
High
|
|
Tiki Wiki CMS: Remote Code Execution via Calendar Module
|
|
|
High
|
|
timthumb.php remote code execution
|
CVE-2011-4106
CWE-20
|
CWE-20
|
High
|
|
TimThumb WebShot remote code execution
|
CWE-94
|
CWE-94
|
High
|
|
TinyMCE ajax_create_folder remote code execution vulnerability
|
CWE-94
|
CWE-94
|
High
|
|
Ubiquiti Unifi Log4Shell RCE
|
CVE-2021-44228
CWE-78
|
CWE-78
|
High
|
|
Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Remote Code Execution (2.0.32)
|
CWE-94
|
CWE-94
|
High
|
|
Umbraco CMS remote code execution
|
CWE-94
|
CWE-94
|
High
|
|
Umbraco CMS TemplateService remote code execution
|
CVE-2013-4793
CWE-94
|
CWE-94
|
High
|
|
Unauthenticated OGNL injection in Confluence Server and Data Center
|
CVE-2021-26084
CWE-917
|
CWE-917
|
High
|
|
Unauthenticated Remote Code Execution via JSONWS in Liferay 6.1 (LPS-88051)
|
CWE-78
|
CWE-78
|
High
|
|
Unauthenticated Remote Code Execution via JSONWS in Liferay 7.2.0 CE GA1
|
CVE-2020-0618
CWE-78
|
CWE-78
|
High
|
|
Unauthenticated remote code execution vulnerability in Confluence Server and Data Center
|
CVE-2022-26134
CWE-917
|
CWE-917
|
High
|
|
UnGallery 'search' Parameter Remote Arbitrary Command Execution (2.1.5)
|
CWE-95
|
CWE-95
|
High
|
|
uWSGI Unauthorized Access Vulnerability
|
CWE-78
|
CWE-78
|
High
|
|
VaultPress Man-in-The-Middle (MiTM) Remote Code Execution (1.8.6)
|
CWE-94
|
CWE-94
|
High
|
|
VaultPress Remote Code Execution (1.9.0)
|
CWE-94
|
CWE-94
|
High
|
|
vBSEO 3.6.0 PHP code injection
|
CVE-2012-5223
CWE-94
|
CWE-94
|
High
|
|
vBulletin 5 CONNECT remote code execution
|
CWE-94
|
CWE-94
|
High
|
|
vBulletin 5.x 0day pre-auth RCE
|
CWE-94
|
CWE-94
|
High
|
|
vBulletin PHP object injection vulnerability
|
CWE-915
|
CWE-915
|
High
|
|
vBulletin Pre-Auth RCE Vulnerability
|
CVE-2020-17496
CWE-94
|
CWE-94
|
High
|
|
Video Embed & Thumbnail Generator 'kg_callffmpeg.php' Multiple Remote Code Execution Vulnerabilities (1.1)
|
CVE-2012-1785
CWE-20
|
CWE-20
|
High
|
|
VMware Horizon Log4Shell RCE
|
CVE-2021-44228
CWE-78
|
CWE-78
|
High
|
|
VMware vCenter Log4Shell RCE
|
CVE-2021-44228
CWE-78
|
CWE-78
|
High
|
|
VMware vCenter Server Unauthorized Remote Code Execution
|
CVE-2021-21972
CWE-78
|
CWE-78
|
High
|
|
VMware Workspace ONE Access SSTI (CVE-2022-22954)
|
CVE-2022-22954
CWE-94
|
CWE-94
|
High
|
|
W3 Total Cache PHP Code Injection (0.9.2.8)
|
CVE-2013-2010
CWE-95
|
CWE-95
|
High
|
|
WebDAV remote code execution
|
CWE-434
|
CWE-434
|
High
|
|
Webmin v1.920 Unauhenticated Remote Command Execution
|
CVE-2019-15107
CWE-94
|
CWE-94
|
High
|
|
WooCommerce Possible Remote Code Execution (3.4.5)
|
CWE-94
|
CWE-94
|
High
|
|
WooCommerce Possible Remote Code Execution (3.5.0)
|
CWE-94
|
CWE-94
|
High
|
|
WooCommerce Remote Code Execution (4.0.1)
|
CWE-94
|
CWE-94
|
High
|
|
Woody ad snippets-Insert Header Footer Code, AdSense Ads PHP Code Injection (1.3)
|
CWE-95
|
CWE-95
|
High
|
|
WooFramework shortcode exploit
|
CWE-95
|
CWE-95
|
High
|
|
WordPress 'wp-admin/options.php' Remote Code Execution Vulnerability (0.6.2 - 2.3.2)
|
CVE-2008-5695
CWE-20
|
CWE-20
|
High
|
|
WordPress 2.0.2 Username Remote PHP Code Injection Vulnerability (0.6.2 - 2.0.2)
|
CVE-2006-2667
CVE-2006-2702
CWE-94
|
CWE-94
|
High
|
|
WordPress 2.1.1 Command Execution Backdoor Vulnerability (2.1.1)
|
CVE-2007-1277
CWE-94
|
CWE-94
|
High
|
|
WordPress 2.6.2 Remote Code Execution Vulnerability (0.70 - 2.6.2)
|
CVE-2008-4796
CWE-94
|
CWE-94
|
High
|
|
WordPress 5.9.x Shortcode Execution (5.9 - 5.9.6)
|
CWE-862
|
CWE-862
|
High
|
|
WordPress 6.0.x Shortcode Execution (6.0 - 6.0.4)
|
CWE-862
|
CWE-862
|
High
|
|
WordPress 6.1.x Shortcode Execution (6.1 - 6.1.2)
|
CWE-862
|
CWE-862
|
High
|
|
WordPress 6.2.x Shortcode Execution (6.2 - 6.2.1)
|
CWE-862
|
CWE-862
|
High
|
|
WordPress caching plugins PHP code execution
|
CVE-2013-2010
CWE-95
|
CWE-95
|
High
|
|
WordPress Cookie Data PHP Code Injection Vulnerability (1.5 - 1.5.1.3)
|
CVE-2005-2612
CWE-94
|
CWE-94
|
High
|
|
WordPress Download Manager Remote Code Execution (2.7.4)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Landing Pages Remote Code Execution (1.9.0)
|
CVE-2015-5227
CWE-94
|
CWE-94
|
High
|
|
WordPress Mega Menu-QuadMenu Remote Code Execution (2.0.6)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress OptimizePress unrestricted file upload
|
CVE-2013-7102
CWE-20
|
CWE-20
|
High
|
|
WordPress PDF Light Viewer Command Injection (1.4.11)
|
CVE-2021-24684
CWE-94
|
CWE-94
|
High
|
|
WordPress Shortcodes-Shortcodes Ultimate Remote Code Execution (5.0.0)
|
CWE-94
|
CWE-94
|
High
|
|
WordPress Super Socialat backdoor plugin
|
CWE-94
|
CWE-94
|
High
|
|
WordPress WP-Advanced-Search Remote Code Execution (3.3.3)
|
CWE-94
|
CWE-94
|
High
|
|
WP-Filebase Download Manager Remote Code Execution (0.3.0.03)
|
CWE-94
|
CWE-94
|
High
|
|
WP-Live Chat by 3CX Remote Code Execution (7.0.01)
|
CVE-2016-10033
CVE-2016-10045
CWE-94
|
CWE-94
|
High
|
|
WP-Stateless-Google Cloud Storage Remote Code Execution (2.2.0)
|
CWE-94
|
CWE-94
|
High
|
|
WP-Syntax Remote PHP Code Execution (0.9.9)
|
CVE-2009-2852
CWE-20
|
CWE-20
|
High
|
|
WP E-Signature Remote Code Execution (1.5.6.5)
|
CWE-94
|
CWE-94
|
High
|
|
wp heyloyalty Remote Code Execution (1.1.4)
|
CVE-2017-9841
CWE-94
|
CWE-94
|
High
|
|
WP Hotel Booking Remote Code Execution (1.10.2)
|
CVE-2020-29047
CWE-502
|
CWE-502
|
High
|
|
WP Maintenance Mode Remote Code Execution (2.0.6)
|
CVE-2018-20156
CWE-94
|
CWE-94
|
High
|
|
WP Super Cache PHP Code Injection (1.2)
|
CVE-2013-2009
CVE-2013-2011
CWE-95
|
CWE-95
|
High
|
|
WP Super Cache Remote Code Execution (1.7.1)
|
CVE-2021-24209
CWE-94
|
CWE-94
|
High
|
|
wSecure Lite Remote Code Execution (2.3)
|
CWE-94
|
CWE-94
|
High
|
|
Xdebug remote code execution via xdebug.remote_connect_back
|
CWE-200
|
CWE-200
|
High
|
|
Yoast SEO Possible Remote Code Execution (9.1.0)
|
CVE-2018-19370
CWE-94
|
CWE-94
|
High
|
|
Zingiri Web Shop 'ajax_save_name.php' Remote Code Execution (2.2.3)
|
CWE-95
|
CWE-95
|
High
|
