漏洞分类 — 代码执行

英文名字
Code Execution
漏洞详情:
代码执行漏洞是用户通过浏览器提交执行命令,由于服务器端没有针对执行函数做过滤,导致在没有指定绝对路径的情况下就执行命令,可能会允许攻击者通过改变 $PATH 或程序执行环境的其他方面来执行一个恶意构造的代码。

相关漏洞

SSV ID 漏洞名称
SSV-97958 Cisco Prime Infrastructure Health Monitor HA TarArchive Directory Traversal Remote Code Execution Vulnerability(CVE-2019-1821)
SSV-97956 PHP-Fusion < 9.03.00 "编辑配置文件" 远程执行代码漏洞
SSV-97955 Schneider Electric U.Motion Builder Remote Code Execution(CVE-2018-7841)
SSV-97954 Remote Desktop Services Remote Code Execution Vulnerability(CVE-2019-0708)
SSV-97937 Four Faith Industrial routers Command Injection RCE Reverse Shell
SSV-97922 SeaCms V9.2 后台任意代码执行
SSV-97920 Oracle WebLogic wls9-async组件存在反序列化远程命令执行漏洞
SSV-97907 AntSword XSS/RCE
SSV-97906 Nagios XI 5.5.10: XSS to RCE
SSV-97905 Apache Tomcat Remote Code Execution on Windows(CVE-2019-0232 )
SSV-97903 戴尔KACE K1000远程执行代码
SSV-97901 CVE-2019-0227: Expired Domain to Remote Code Execution in Apache Axis
SSV-97898 Atlassian Confluence Widget Connector macro 远程代码执行 - CVE-2019-3396
SSV-97891 VMware Fusion 11 - Guest VM RCE - CVE-2019-5514
SSV-97887 Remote code execution as root from the local network on TP-Link SR20 routers
SSV-97881 Jfinal cms Background RCE
SSV-97872 ORACLE PEOPLESOFT远程执行代码
SSV-97871 Social Warfare XSS and RCE Vulnerabilities and Attack Data
SSV-97868 Consul RCE 漏洞
SSV-97866 A Saga of Code Executions on Zimbra
SSV-97857 WordPress 5.1 CSRF to Remote Code Execution
SSV-97855 Adobe ColdFusion 反序列化 RCE 漏洞分析(CVE-2019-7091)
SSV-97851 Metinfo利用sql注入快速getshell
SSV-97850 Deserialization of untrusted data via jmx.serviceUrl(CVE-2019-0192)
SSV-97826 OpenMRS Platform Insecure Object Deserialization
SSV-97825 Splunk Universal Forwarder远程代码执行漏洞
SSV-97818 WinRAR 代码执行漏洞
SSV-97817 WordPress 5.0.0 Remote Code Execution
SSV-97816 Windows DHCP Server远程代码执行漏洞(CVE-2019-0626)
SSV-97814 mIRC <7.55 RCE using argument injection through custom URI protocol handlers (CVE-2019-6453)
SSV-97809 Nexus Repository Manager 3 访问控制缺失及远程代码执行漏洞(CVE-2019-7238)
SSV-97807 Jenkins Multiple Security Bypass Vulnerabilities
SSV-97796 Libreoffice - Remote Code Execution (CVE-2018-16858)
SSV-97795 runc容器逃逸漏洞 (CVE-2019-5736)
SSV-97782 Magento – RCE & Local File Read with low privilege admin rights
SSV-97780 Security research: ThingsPro Suite – IIoT gateway and device manager by Moxa
SSV-97769 Xterm.js远程代码执行漏洞 (CVE-2019-0542)
SSV-97767 Thinkphp 5.0.x 远程代码执行漏洞
SSV-97756 LimeSurvey 2.72.3 - Persistent XSS to Code Execution
SSV-97754 PrestaShop 1.7.2.4 Code Execution
SSV-97753 Pydio 8.2.1 Unauthenticated Remote Code Execution
SSV-97752 phpBB 3.2.3 Phar Deserialization to RCE
SSV-97749 Nuxeo 认证绕过和RCE漏洞 (CVE-2018-16341)
SSV-97748 Netatalk Out-of-bounds Write (CVE-2018-1160)
SSV-97728 empire(帝国)CMS 最新版(v7.5)一处后台getshell
SSV-97720 SQLite远程代码执行漏洞
SSV-97718 ShopSn v2.3.6 getshell
SSV-97705 GitHub Desktop RCE (OSX)
SSV-97694 Live Networks LIVE555 streaming media RTSPServer lookForHeader code execution vulnerability (CVE-2018-4013)
SSV-97689 PHPCMS 2008 代码注入漏洞 (CVE-2018-19127)
SSV-97684 Atlantis Word Processor rich text format uninitialized TAutoList RCE(CVE-2018-4040)
SSV-97683 Atlantis Word Processor Huffman table code length RCE(CVE-2018-4039)
SSV-97682 Atlantis Word Processor open document format unchecked NewAnsiString length RCE(CVE-2018-4038)
SSV-97675 Atlassian Jira Authenticated Upload Code Execution
SSV-97674 Link-Net LW-N605R 12.20.2.1486 - Remote Code Execution (CVE-2018-16752)
SSV-97672 Microsoft .NET Framework Remote Code Execution Vulnerability (CVE-2018-8421)
SSV-97668 WordPress Design Flaw Leads to WooCommerce RCE
SSV-97666 Paramiko < 2.4.1 - Remote Code Execution (CVE-2018-7750)
SSV-97665 Red Hat JBoss EAP RichFaces Remote Code Execution (CVE-2018-14667)
SSV-97658 Gogs/Gitea 远程代码执行漏洞(CVE-2018-18925/6)
SSV-97657 Advantech WebAccess Multiple Vulnerabilities
SSV-97654 Netgear NTV200-100NAS​ Code Execution Vulnerability
SSV-97651 Axentra Hipserv NAS OS RCE via XXE & SSRF(CVE-2018-18471)
SSV-97649 BleedingBit蓝牙芯片远程代码执行漏洞
SSV-97647 Yi Technology Home Camera 27US cloudAPI SSID Code Execution Vulnerability
SSV-97643 Yi Technology Home Camera 27US TimeSync Code Execution Vulnerability
SSV-97640 Yi Technology Home Camera 27US QR Code trans_info Code Execution Vulnerability
SSV-97639 Yi Technology Home Camera 27US Firmware 7z CRC Collision Vulnerability
SSV-97638 Yi Technology Home Camera 27US QR Code Base64 Code Execution Vulnerability
SSV-97636 Yi Technology Home Camera 27US Firmware Update Code Execution Vulnerability(CVE-2018-3890)
SSV-97634 Apple's XNU operating system kernel RCE(CVE-2018-4407)
SSV-97621 WebLogic 反序列化远程命令执行漏洞(CVE-2018-3191)
SSV-97617 Drupal Contextual Links validation Remote Code Execution
SSV-97616 Drupal DefaultMailSystem::mail Remote Code Execution
SSV-97613 WebLogic 反序列化远程命令执行漏洞(CVE-2018-3245)
SSV-97604 Microsoft Edge Remote Code Execution
SSV-97597 Remote Code Execution via XMeye P2P Cloud
SSV-97590 Microsoft COM for Windows RCE Vulnerability
SSV-97589 Cisco Prime Infrastructure File Inclusion and RCE
SSV-97583 phpyun v4.6 后台代码执行可getshell
SSV-97575 Phpmywind v5.5代码执行(2)
SSV-97573 phpmywind v5.5 后台配置文件代码执行getshell
SSV-97570 HPE Intelligent Management Center (iMC) PLAT Java RMI RCE
SSV-97564 Schneider Electric InduSoft Web Studio and InTouch Machine Edition RCE
SSV-97559 Cisco Prime Data Center Network Manager RCE
SSV-97554 Western Digital TV Media Player and Live Hub Unauthenticated RCE
SSV-97547 AVEVA InduSoft Web Studio and InTouch Machine Edition RCE
SSV-97541 REMOTE CODE EXECUTION VIA PHP UNSERIALIZE IN MOODLE (CVE-2018-14630)
SSV-97538 Multiple NUUO NVRMini2 Vulnerabilities
SSV-97537 Apache Syncope 2.0.7 - Remote Code Execution
SSV-97530 Adobe ColdFusion 反序列化漏洞(CVE-2018-15958, CVE-2018-15959)
SSV-97528 Logicspice FAQ Script 2.9.7 - Remote Code Execution
SSV-97526 seacms v6.64 后台可写入一句话
SSV-97516 大米CMSv6.0.1 后台可写入一句话
SSV-97514 yccms3.3 代码执行(二)
SSV-97513 yccms3.3 代码执行漏洞
SSV-97510 Discuz! 1.5-2.5 后台命令执行漏洞(CVE-2018-14729)
SSV-97508 Electron WebPreferences Remote Code Execution Finding(CVE-2018-15685)
SSV-97501 EmpireCMS后台任意代码执行
SSV-97467 OpenEMR < 5.0.1 - Remote Code Execution
京ICP备10040895号 京公网安备 11010502034610号 Copyright @ 404 Team from Knownsec. English