Ruby Exploits
5,920 exploits tracked across all sources.
Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) - Command Injection
A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance.
by sfewer-r7
CVSS 9.1
Ivanti SAML - Server Side Request Forgery (SSRF)
A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication.
by sfewer-r7
CVSS 8.2
Ivanti Connect Secure - Improper Privilege Management
A privilege escalation vulnerability in web component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows a user to elevate privileges to that of an administrator.
by sfewer-r7
CVSS 8.8
Shibboleth XMLTooling <3.2.4 - SSRF
Shibboleth XMLTooling before 3.2.4, as used in OpenSAML and Shibboleth Service Provider, allows SSRF via a crafted KeyInfo element. (This is fixed in, for example, Shibboleth Service Provider 3.4.1.3 on Windows.)
by sfewer-r7
CVSS 7.5
Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) - Command Injection
A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance.
by sfewer-r7
CVSS 9.1
IBM Data Risk Manager - Hard-coded Credentials
IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 contains a default password for an IDRM administrative account. A remote attacker could exploit this vulnerability to login and execute arbitrary code on the system with root privileges. IBM X-Force ID: 180534.
CVSS 9.8
IBM Data Risk Manager < 2.0.6.1 - Authentication Bypass
IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 could allow a remote attacker to bypass security restrictions when configured with SAML authentication. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to bypass the authentication process and gain full administrative access to the system. IBM X-Force ID: 180532.
CVSS 9.8
Goautodial Goadmin CE - SQL Injection
Multiple SQL injection vulnerabilities in GoAutoDial GoAdmin CE before 3.3-1421902800 allow remote attackers to execute arbitrary SQL commands via the (1) user_name or (2) user_pass parameter in go_login.php or the PATH_INFO to (3) go_login/validate_credentials/admin/ or (4) index.php/go_site/go_get_user_info/.
by Chris McCurley
Multiple Camera Devices - Command Injection
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.
by Titouan Lazard, Ibrahim Ayadhi, Sébastien Charbonnier
CVSS 7.2
Multiple Camera Devices - Command Injection
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.
by Titouan Lazard, Ibrahim Ayadhi, Sébastien Charbonnier
CVSS 7.2
Multiple Camera Devices - Command Injection
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.
by Titouan Lazard, Ibrahim Ayadhi, Sébastien Charbonnier
CVSS 7.2
Multiple Camera Devices - Command Injection
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.
by Titouan Lazard, Ibrahim Ayadhi, Sébastien Charbonnier
CVSS 7.2
Multiple Camera Devices - Command Injection
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.
by Titouan Lazard, Ibrahim Ayadhi, Sébastien Charbonnier
CVSS 7.2
Multiple Camera Devices - Info Disclosure
Multiple camera devices by UDP Technology, Geutebrück and other vendors allow unauthenticated remote access to sensitive files due to default user authentication settings. This can lead to manipulation of the device and denial of service.
by Titouan Lazard, Ibrahim Ayadhi, Sébastien Charbonnier
CVSS 9.8
Multiple Camera Devices - Command Injection
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.
by Titouan Lazard, Ibrahim Ayadhi, Sébastien Charbonnier
CVSS 7.2
Fortinet FortiWeb unauthenticated RCE
A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9, FortiWeb 7.2.0 through 7.2.11, FortiWeb 7.0.0 through 7.0.11 may allow an attacker to execute administrative commands on the system via crafted HTTP or HTTPS requests.
by Defused, sfewer-r7
CVSS 9.8
D-Tale RCE
man-group/dtale version 3.10.0 is vulnerable to an authentication bypass and remote code execution (RCE) due to improper input validation. The vulnerability arises from a hardcoded `SECRET_KEY` in the flask configuration, allowing attackers to forge a session cookie if authentication is enabled. Additionally, the application fails to properly restrict custom filter queries, enabling attackers to execute arbitrary code on the server by bypassing the restriction on the `/update-settings` endpoint, even when `enable_custom_filters` is not enabled. This vulnerability allows attackers to bypass authentication mechanisms and execute remote code on the server.
by taiphung217, Takahiro Yokoyama
CVSS 9.8
Cisco Integrated Management Controlle... - Improper Input Validation
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an authenticated, remote attacker to execute arbitrary commands on the underlying Linux shell as the root user. Exploitation of this vulnerability requires privileged access to an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by logging in to the web-based management interface with administrator privileges and then sending a malicious request to a certain part of the interface.
CVSS 7.2
Cisco Rv320 Firmware < 1.4.2.22 - OS Command Injection
A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an authenticated, remote attacker with administrative privileges on an affected device to execute arbitrary commands. The vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending malicious HTTP POST requests to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux shell as root. Cisco has released firmware updates that address this vulnerability.
by RedTeam Pentesting GmbH, Philip Huppert, Benjamin Grap
CVSS 7.2
Cisco Hyperflex HX Data Platform < 4.0\(2e\) - OS Command Injection
Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
by Nikita Abramov, Mikhail Klyuchnikov, wvu
CVSS 9.8
Merethis Centreon - Code Injection
displayServiceStatus.php in Centreon 2.5.1 and Centreon Enterprise Server 2.2 (fixed in Centreon web 2.5.3) allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) session_id or (2) template_id parameter, related to the command_line variable.
by MaZ, juan vazquez
Axis IP Cameras - Auth Bypass
An issue was discovered in multiple models of Axis IP Cameras. There is a bypass of access control.
by Or Peles, wvu, sinn3r, Brent Cook, Jacob Robles, Matthew Kienow, Shelby Pace, Chris Lee, Cale Black
CVSS 9.8
Axis IP Cameras - Info Disclosure
An issue was discovered in multiple models of Axis IP Cameras. There is an Exposed Insecure Interface.
by Or Peles, wvu, sinn3r, Brent Cook, Jacob Robles, Matthew Kienow, Shelby Pace, Chris Lee, Cale Black
CVSS 9.8
Atutor - SQL Injection
SQL injection vulnerability in include/lib/mysql_connect.inc.php in ATutor 2.2.1 allows remote attackers to execute arbitrary SQL commands via the searchFriends function to friends.inc.php.
CVSS 9.8
Artica proxy 4.30.000000 Auth Bypass service-cmds-peform Command Injection
Artica Web Proxy 4.30.000000 allows an authenticated remote attacker to inject commands via the service-cmds parameter in cyrus.php. These commands are executed with root privileges via service_cmds_peform.
by Max0x4141
CVSS 8.8
By Source