NotCVE - "arbitrary code execution"

Page 2 of 40752 results (0.100 seconds)

CVSS: -EPSS: %CPEs: -EXPL: 0

CVE-2024-48747

https://notcve.org/view.php?id=CVE-2024-48747

An issue in alist-tvbox v1.7.1 allows a remote attacker to execute arbitrary code via the /atv-cli file. • https://github.com/6pc1/BugHub/blob/main/alist-tvbox%20command%20execution%20vulnerability.pdf •

CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0

CVE-2018-9479

https://notcve.org/view.php?id=CVE-2018-9479

This could lead to remote code execution with no additional execution privileges needed. • https://source.android.com/security/bulletin/2018-09-01 • CWE-787: Out-of-bounds Write •

CVSS: 5.3EPSS: 0%CPEs: -EXPL: 1

CVE-2024-11493 – 115cms pageAE.html cross site scripting

https://notcve.org/view.php?id=CVE-2024-11493

This vulnerability affects unknown code of the file /index.php/setpage/admin/pageAE.html. • https://github.com/Hebing123/cve/issues/70 https://vuldb.com/?ctiid.285508 https://vuldb.com/?id.285508 https://vuldb.com/?submit.442037 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 5.3EPSS: 0%CPEs: -EXPL: 1

CVE-2024-11492 – 115cms appurladd.html cross site scripting

https://notcve.org/view.php?id=CVE-2024-11492

A vulnerability classified as problematic has been found in 115cms up to 20240807. This affects an unknown part of the file /index.php/admin/web/appurladd.html. The manipulation of the argument tid leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/Hebing123/cve/issues/70 https://vuldb.com/?ctiid.285507 https://vuldb.com/?id.285507 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0

CVE-2018-9478

https://notcve.org/view.php?id=CVE-2018-9478

1 2 3 4 5