A server side injection vulnerability exists which could allow an authenticated administrative user to achieve Remote Code Execution in ClearPass. Resolution: Fixed in 6.7.13, 6.8.4, 6.9.0 and higher.
Cisco Video Communications Server (VCS) before X7.0.3 contains a command injection vulnerability which allows remote, authenticated attackers to execute arbitrary commands.
Tiki 8.2 and earlier allows remote administrators to execute arbitrary PHP code via crafted input to the regexres and regex parameters.
PHP code injection in TinyWebGallery before 1.8.8 allows remote authenticated users with admin privileges to inject arbitrary code into the .htusers.php file.
cPanel before 68.0.15 allows arbitrary code execution via Maketext injection in PostgresAdmin (SEC-313).
cPanel before 68.0.15 allows arbitrary code execution via Maketext injection in a Reseller style upload (SEC-314).
A Remote Code Execution vulnerability exists in PRTG Network Monitor before 19.4.54.1506 that allows attackers to execute code due to insufficient sanitization when passing arguments to the HttpTransa...