Page 4 of 51665 results (0.078 seconds)

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 2

03 Jul 2025 — Bolt CMS versions 3.7.0 and earlier contain a chain of vulnerabilities that together allow an authenticated user to achieve remote code execution. A user with valid credentials can inject arbitrary PHP code into the displayname field of the user profile, which is rendered unsanitized in backend templates. ... By renaming a .session file to a path under the publicly accessible /files/ directory with a .php extension, the attacker can turn the injected code into an executabl... • https://boltcms.io/newsitem/major-announcements-bolt-3-eol-bolt-4-2-5-0-releases • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 9.8EPSS: 0%CPEs: -EXPL: 1

03 Jul 2025 — A backdoor in PHPStudy versions 2016 through 2018 allows unauthenticated remote attackers to execute arbitrary PHP code on affected installations. ... This leads to remote code execution as the web server user, compromising the affected system. • https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/http/phpstudy_backdoor_rce.rb • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 1

03 Jul 2025 — This makes it possible for authenticated attackers, with Administrator-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://github.com/d0n601/CVE-2025-6586 • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 0

03 Jul 2025 — This makes it possible for authenticated attackers, with Administrator-level access and above, to upload arbitrary files on the affected site's server, which may make remote code execution possible. • https://plugins.trac.wordpress.org/browser/vikrentcar/tags/1.4.3/admin/controller.php#L1418 • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 2

03 Jul 2025 — This makes it possible for authenticated attackers, with Administrator-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://github.com/d0n601/CVE-2025-5961 • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

03 Jul 2025 — GStreamer H266 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. ... An attacker can leverage this vulnerability to execute code in the context of the current process. An attacker c... • https://gitlab.freedesktop.org/tpm/gstreamer/-/commit/eedd01ac3dfeb60e36a44bb61a6d0418454e8416 • CWE-121: Stack-based Buffer Overflow •

CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 2

02 Jul 2025 — An authenticated remote code execution vulnerability exists in NSClient++ version 0.5.2.35 when the web interface and ExternalScripts module are enabled. A remote attacker with the administrator password can authenticate to the web interface (default port 8443), inject arbitrary commands as external scripts via the /settings/query.json API, save the configuration, and trigger the script via the /query/{name} endpoint. The injected commands are executed with SYSTEM privileges, ena... • https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/http/nscp_authenticated_rce.rb • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-306: Missing Authentication for Critical Function •

CVSS: 9.4EPSS: 0%CPEs: 1EXPL: 1

02 Jul 2025 — An authenticated remote code execution vulnerability exists in Lucee’s administrative interface due to insecure design in the scheduled task functionality. An administrator with access to /lucee/admin/web.cfm can configure a scheduled job to retrieve a remote .cfm file from an attacker-controlled server, which is written to the Lucee webroot and executed with the privileges of the Lucee service account. Because Lucee does not enforce integrity checks, path restrictions, or exe... • https://vulncheck.com/advisories/lucee-admin-interface-rce • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-829: Inclusion of Functionality from Untrusted Control Sphere •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

02 Jul 2025 — Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49713 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 10.0EPSS: 73%CPEs: 1EXPL: 2

02 Jul 2025 — A remote attacker can execute arbitrary operating system commands via the username parameter in a POST request to the /login endpoint. • https://vulncheck.com/advisories/stamparm-maltrail-rce • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-306: Missing Authentication for Critical Function •