
CVE-2025-34086 – Bolt CMS Authenticated Remote Code Execution via Profile Injection and File Rename
https://notcve.org/view.php?id=CVE-2025-34086
03 Jul 2025 — Bolt CMS versions 3.7.0 and earlier contain a chain of vulnerabilities that together allow an authenticated user to achieve remote code execution. A user with valid credentials can inject arbitrary PHP code into the displayname field of the user profile, which is rendered unsanitized in backend templates. ... By renaming a .session file to a path under the publicly accessible /files/ directory with a .php extension, the attacker can turn the injected code into an executabl... • https://boltcms.io/newsitem/major-announcements-bolt-3-eol-bolt-4-2-5-0-releases • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-434: Unrestricted Upload of File with Dangerous Type •

CVE-2025-34061 – PHPStudy 2016-2018 Backdoor Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-34061
03 Jul 2025 — A backdoor in PHPStudy versions 2016 through 2018 allows unauthenticated remote attackers to execute arbitrary PHP code on affected installations. ... This leads to remote code execution as the web server user, compromising the affected system. • https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/http/phpstudy_backdoor_rce.rb • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVE-2025-6586 – Download Plugin <= 2.2.8 - Authenticated (Administrator+) Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2025-6586
03 Jul 2025 — This makes it possible for authenticated attackers, with Administrator-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://github.com/d0n601/CVE-2025-6586 • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVE-2025-5322 – VikRentCar Car Rental Management System <= 1.4.3 - Authenticated (Administrator+) Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2025-5322
03 Jul 2025 — This makes it possible for authenticated attackers, with Administrator-level access and above, to upload arbitrary files on the affected site's server, which may make remote code execution possible. • https://plugins.trac.wordpress.org/browser/vikrentcar/tags/1.4.3/admin/controller.php#L1418 • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVE-2025-5961 – Migration, Backup, Staging – WPvivid Backup & Migration <= 0.9.116 - Authenticated (Administrator+) Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2025-5961
03 Jul 2025 — This makes it possible for authenticated attackers, with Administrator-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://github.com/d0n601/CVE-2025-5961 • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVE-2025-6663 – GStreamer H266 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-6663
03 Jul 2025 — GStreamer H266 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. ... An attacker can leverage this vulnerability to execute code in the context of the current process. An attacker c... • https://gitlab.freedesktop.org/tpm/gstreamer/-/commit/eedd01ac3dfeb60e36a44bb61a6d0418454e8416 • CWE-121: Stack-based Buffer Overflow •

CVE-2025-34079 – NSClient++ Authenticated Remote Code Execution via ExternalScripts API
https://notcve.org/view.php?id=CVE-2025-34079
02 Jul 2025 — An authenticated remote code execution vulnerability exists in NSClient++ version 0.5.2.35 when the web interface and ExternalScripts module are enabled. A remote attacker with the administrator password can authenticate to the web interface (default port 8443), inject arbitrary commands as external scripts via the /settings/query.json API, save the configuration, and trigger the script via the /query/{name} endpoint. The injected commands are executed with SYSTEM privileges, ena... • https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/http/nscp_authenticated_rce.rb • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-306: Missing Authentication for Critical Function •

CVE-2025-34074 – Lucee Admin Interface Authenticated Remote Code Execution via Scheduled Job File Write
https://notcve.org/view.php?id=CVE-2025-34074
02 Jul 2025 — An authenticated remote code execution vulnerability exists in Lucee’s administrative interface due to insecure design in the scheduled task functionality. An administrator with access to /lucee/admin/web.cfm can configure a scheduled job to retrieve a remote .cfm file from an attacker-controlled server, which is written to the Lucee webroot and executed with the privileges of the Lucee service account. Because Lucee does not enforce integrity checks, path restrictions, or exe... • https://vulncheck.com/advisories/lucee-admin-interface-rce • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-829: Inclusion of Functionality from Untrusted Control Sphere •

CVE-2025-49713 – Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-49713
02 Jul 2025 — Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49713 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVE-2025-34073 – stamparm/maltrail <=0.54 Remote Command Execution
https://notcve.org/view.php?id=CVE-2025-34073
02 Jul 2025 — A remote attacker can execute arbitrary operating system commands via the username parameter in a POST request to the /login endpoint. • https://vulncheck.com/advisories/stamparm-maltrail-rce • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-306: Missing Authentication for Critical Function •