The Saisies plugin for SPIP CMS versions 5.4.0 through 5.11.0 contains a critical remote code execution vulnerability. Attackers can exploit the vulnerability to execute arbitrary code on the SPIP server, compromising the content management system and its database.
Local File Inclusion in Prodigy Commerce WordPress plugin <= 3.2.9.
Command injection in SECCN Dingcheng G10 3.1.0.181203 router via session_login.cgi. PoC available.
Arbitrary file upload in Slider Future WordPress plugin.
Unauthenticated file upload in Gogs self-hosted Git service 0.13.4 and below. Default configuration exposes file upload endpoints. PoC and patch available.
Remote code execution in Microsoft Semantic Kernel Python SDK before 1.39.4. Code injection in the AI orchestration framework. Patch available.
Command injection in RustFly 2.0.0 via hex-encoded UDP instructions on port 5005. The remote UI control mechanism accepts and executes commands without validation.
Unauthenticated OS command injection in NesterSoft WorkTime via report generation API. Allows executing arbitrary commands.
Hardcoded PostgreSQL credentials in Ruckus Network Director OVA < 4.5.0.54.
Execution After Redirect + missing auth in BiEticaret CMS.
Privilege escalation via registration in Buyent Classified WordPress plugin.
Privilege escalation in Lizza LMS Pro WordPress plugin <= 1.0.3.
Privilege escalation in Clasifico Listing WordPress plugin <= 2.0.
Privilege escalation via account takeover in s2Member WordPress plugin <= 260127. Broken authentication allows taking over any user account.
Hardcoded SSH keys in Ruckus Network Director OVA < 4.5.0.56 for postgres user. Same across all appliances.
PHP Object Injection in WpEvently (mage-eventpress) WordPress plugin.
PHP Object Injection in Grand Restaurant WordPress theme.
Authorization bypass via user-controlled SQL primary key in Databank Accreditation Software.
Remote code execution in Hyland's Alfresco Transform Service (and the related Alfresco Transform Core component) lets unauthenticated network attackers inject crafted arguments into the document-processing pipeline to run arbitrary commands on the transformation host. Any exposed Alfresco deployment relying on these transform components is affected, with no login required and full compromise of confidentiality, integrity and availability. No public exploit has been identified at time of analysis, and the EPSS probability is currently low (0.22%, 44th percentile).
SSRF in SoftVision webPDF before 10.0.2 via PDF converter function.