1 |
RCE via npm misconfig -- installing internal libraries from the public registry |
$30000.0 |
2 |
RCE via unsafe inline Kramdown options when rendering certain Wiki pages |
$20000.0 |
3 |
RCE when removing metadata with ExifTool |
$20000.0 |
4 |
Struct type confusion RCE |
$18000.0 |
5 |
Websites Can Run Arbitrary Code on Machines Running the 'PlayStation Now' Application |
$15000.0 |
6 |
Arbitrary Code Execution via npm misconfiguration – installing internal libraries from the public registry |
$11500.0 |
7 |
RCE via npm misconfig -- installing internal libraries from the public registry |
$9000.0 |
8 |
CVE-2023-5528: Insufficient input sanitization in in-tree storage plugin leads to privilege escalation on Windows nodes |
$5000.0 |
9 |
CVE-2022-40127: RCE in Apache Airflow <2.4.0 bash example |
$4000.0 |
10 |
Code inject via nginx.ingress.kubernetes.io/permanent-redirect annotation |
$2500.0 |
11 |
RCE on ingress-nginx-controller via Ingress spec.rules.http.paths.path field |
$2500.0 |
12 |
Ingress nginx annotation injection causes arbitrary command execution |
$2500.0 |
13 |
RCE vulnerability in apache-airflow-providers-apache-sqoop 3.1.0 |
$2400.0 |
14 |
SQL Injection in www.hyperpure.com |
$2000.0 |
15 |
RCE due to ImageTragick v2 |
$2000.0 |
16 |
CVE-2022-21831: Possible code injection vulnerability in Rails / Active Storage |
$2000.0 |
17 |
Remote code execution using render :inline |
$1500.0 |
18 |
Type confusion in partial.setstate, partial_repr, partial_call leads to memory corruption, reliable control flow hijack |
$1000.0 |
19 |
msilib.OpenDatabase Type Confusion |
$1000.0 |
20 |
php curl ext size_t overflow lead to heap corruption |
$1000.0 |
21 |
Incorrect casting from size_t to int lead to heap overflow in mcrypt_generic |
$1000.0 |
22 |
php mcrypt ext - Incorrect casting from size_t to int lead to heap overflow in mdecrypt_generic |
$1000.0 |
23 |
[███████] Remote Code Execution at ██████ [CVE-2021-44529] [HtUS] |
$1000.0 |
24 |
The io.kubernetes.client.util.generic.dynamic.Dynamics contains a code execution vulnerability due to SnakeYAML |
$1000.0 |
25 |
code injection, steam chat client |
$750.0 |
26 |
chrome://brave navigation from web |
$650.0 |
27 |
Command Injection using malicious hostname in expanded proxycommand |
$540.0 |
28 |
RCE on facebooksearch.algolia.com |
$500.0 |
29 |
Type confusion in FutureIter_throw() which may potentially lead to an arbitrary code execution |
$500.0 |
30 |
Explicit, dynamic render path: Dir. Trav + RCE |
$500.0 |
31 |
Windows builds with insecure path defaults (CVE-2019-1552) |
$500.0 |
32 |
potential remote code execution with phar archive |
$500.0 |
33 |
NULL pointer dereference in SimpleXMLElement::asXML() |
$500.0 |
34 |
crash in openssl_random_pseudo_bytes function |
$500.0 |
35 |
missing NULL check in dom_document_save_html |
$500.0 |
36 |
heap overflow in php_ereg_replace function |
$500.0 |
37 |
crash in locale_get_keywords() when keyword value in locale string too long |
$500.0 |
38 |
another crash in locale_get_keywords function |
$500.0 |
39 |
crash in locale_compose() function |
$500.0 |
40 |
integer overflow in php_uuencode caused heap corruption |
$500.0 |
41 |
integer overflow in urlencode caused heap corruption |
$500.0 |
42 |
integer overflow in quoted_printable_encode caused heap corruption |
$500.0 |
43 |
Integer overflow lead to heap corruption in sql_regcase |
$500.0 |
44 |
HTML injection on newsroom.snap.com/* via search?q=1 |
$500.0 |
45 |
chrome://brave can still be navigated to, leading to RCE |
$300.0 |
46 |
Control characters incorrectly handled on Crew Status Update |
$250.0 |
47 |
Email html Injection |
$250.0 |
48 |
Code injection in Nextcloud Desktop Client for macOS |
$250.0 |
49 |
Vulnerability allowing retrieval of all VK phone numbers (which also serve as profile logins) |
$200.0 |
50 |
CVE-2019-5443: Windows Privilege Escalation: Malicious OpenSSL Engine |
$200.0 |
51 |
HTML injection leads to reflected XSS |
$150.0 |
52 |
Download of file with arbitrary extension via injection into attachment header |
$125.0 |
53 |
Remote Code Execution in NovaStor NovaBACKUP DataCenter backup software (Hiback) |
$100.0 |
54 |
[FG-VD-17-063] NextCloud Insufficient Attack Protection Vulnerability Notification |
$100.0 |
55 |
Arbitrary code execution in desktop client via OpenSSL config |
$100.0 |
56 |
https://www.wotif.com/vc/blog/info.php script is prone to reflected HTML/CSS injection and COOKIE leak |
$100.0 |
57 |
ownCloud 2.2.2.6192 DLL Hijacking Vulnerability |
$50.0 |
58 |
Server side request forgery on image upload for lists |
$50.0 |
59 |
Log4j RCE on https://judge.me/reviews |
$50.0 |
60 |
newsroom.uber.com is vulnerable to 'SOME' XSS attack via plupload.flash.swf |
$0.0 |
61 |
Email Server Compromised at secure.lahitapiola.fi |
$0.0 |
62 |
Use after free vulnerability in mruby Array#to_h causing DOS possible RCE |
$0.0 |
63 |
TOCTTOU bug in mrb_str_setbyte leading the memory corruption |
$0.0 |
64 |
Remote client memory corruption in ssl_add_clienthello_tlsext() |
$0.0 |
65 |
RCE on a Department of Defense website |
$0.0 |
66 |
Remote code execution on an Army website |
$0.0 |
67 |
Type confusion in wrap_decimal leading to memory corruption |
$0.0 |
68 |
Java Deserialization RCE via JBoss JMXInvokerServlet/EJBInvokerServlet on card.starbucks.in |
$0.0 |
69 |
Review remote code execution in SwiftMailer |
$0.0 |
70 |
Remote Unrestricted file Creation/Deletion and Possible RCE. |
$0.0 |
71 |
Remote command execution (RCE) vulnerability on a DoD website |
$0.0 |
72 |
Remote Command Execution on a DoD website |
$0.0 |
73 |
Remote Code Execution (RCE) in a DoD website |
$0.0 |
74 |
Remote Code Execution on Git.imgur-dev.com |
$0.0 |
75 |
Java Deserialization RCE via JBoss on card.starbucks.in |
$0.0 |
76 |
Remote Code Execution (RCE) in a DoD website |
$0.0 |
77 |
Remote Code Execution (RCE) in a DoD website |
$0.0 |
78 |
Use of uninitialized memory in unserialize() |
$0.0 |
79 |
Remote Code Execution (RCE) in a DoD website |
$0.0 |
80 |
Completed Compromise & Source Code Disclosure via Exposed Jenkins Dashboard at https://jenkins101.udemy.com |
$0.0 |
81 |
HTML Injection on airlink.ubnt.com |
$0.0 |
82 |
Remote code execution vulnerability on a DoD website |
$0.0 |
83 |
Remote code execution vulnerability on a DoD website |
$0.0 |
84 |
Server-side include injection vulnerability in a DoD website |
$0.0 |
85 |
Remote code execution vulnerability on a DoD website |
$0.0 |
86 |
Remote Code Execution (RCE) vulnerability in multiple DoD websites |
$0.0 |
87 |
Remote code execution (RCE) in multiple DoD websites |
$0.0 |
88 |
Mercurial can be tricked into granting authorized users access to the Python debugger |
$0.0 |
89 |
Add arbitrary content to Password Reset Email |
$0.0 |
90 |
links the user may download can be a malicious files |
$0.0 |
91 |
Urgent: Server side template injection via Smarty template allows for RCE |
$0.0 |
92 |
Request Hijacking Vulnerability in RubyGems 2.6.11 and earlier |
$0.0 |
93 |
Image lib - unescaped file path |
$0.0 |
94 |
Potential code injection in fun delete_directory |
$0.0 |
95 |
Comments Denial of Service in socialclub.rockstargames.com |
$0.0 |
96 |
Remote code execution as root on [REDACTED] |
$0.0 |
97 |
[Simplenote for Windows] Client RCE via External JavaScript Inclusion leveraging Electron |
$0.0 |
98 |
Unserialize leading to arbitrary PHP function invoke |
$0.0 |
99 |
[marketplace.informatica.com] - Template Injection |
$0.0 |
100 |
Text manipulation in https://checkout.rbk.money |
$0.0 |
101 |
Regarding [CVE-2016-0752] Possible Information Leak Vulnerability in Action View |
$0.0 |
102 |
Arbitrary file upload when setting an avatar |
$0.0 |
103 |
HTML Injection on https://www.mycrypto.com/ |
$0.0 |
104 |
Your support community suffers from angularjs injection and must be fixed immediately [CRITICAL] |
$0.0 |
105 |
Remote Code Execution in Wordpress Desktop |
$0.0 |
106 |
Remote Code Execution (RCE) in DoD Websites |
$0.0 |
107 |
Client-side Template Injection in Search, user email/token leak and maybe sandbox escape |
$0.0 |
108 |
Insecure implementation of deserialization in funcster |
$0.0 |
109 |
Insecure implementation of deserialization in cryo |
$0.0 |
110 |
RCE via Print function [Simplenote 1.1.3 - Desktop app] |
$0.0 |
111 |
forum.getmonero.org Shell upload |
$0.0 |
112 |
Remote code execution by hijacking an unclaimed S3 bucket in Rocket.Chat's installation script. |
$0.0 |
113 |
Public Jenkins instance with /script enabled |
$0.0 |
114 |
Remote Code Execution in Rocket.Chat Desktop |
$0.0 |
115 |
RCE via Local File Read -> php unserialization-> XXE -> unpickling |
$0.0 |
116 |
Solution for h15411's CTF challenge |
$0.0 |
117 |
Code Injection Vulnerability in morgan Package |
$0.0 |
118 |
Privacy policy contains hardcoded link using unencrypted HTTP |
$0.0 |
119 |
Code Injection Vulnerability in dot Package |
$0.0 |
120 |
Remote code execution in NPM package getcookies |
$0.0 |
121 |
H1514 Server Side Template Injection in Return Magic email templates? |
$0.0 |
122 |
RCE and Complete Server Takeover of http://www.█████.starbucks.com.sg/ |
$0.0 |
123 |
https://mathfacts.khanacademy.org/ includes code from unprivileged localhost port |
$0.0 |
124 |
RCE on █████ via CVE-2017-10271 |
$0.0 |
125 |
Some HTML Tags are Getting Executed in com.nextcloud.client |
$0.0 |
126 |
accounts.informatica.com - RCE due to exposed Groovy console |
$0.0 |
127 |
Root Remote Code Execution on https://███ |
$0.0 |
128 |
Remote Code Execution (RCE) in a DoD website |
$0.0 |
129 |
pngcrush_measure_idat() off-by-one error (CVE-2015-2158) |
$0.0 |
130 |
Panorama UI XSS leads to Remote Code Execution via Kick/Disconnect Message |
$0.0 |
131 |
GMP Deserialization Type Confusion Vulnerability [MyBB <= 1.8.3 RCE Vulnerability] |
$0.0 |
132 |
Code injection in https://www.semrush.com |
$0.0 |
133 |
EIP control using type confusion in json encoding |
$0.0 |
134 |
Stack-based buffer overflow vulnerability in php_stream_zip_opener |
$0.0 |
135 |
Double Free Corruption in wddx.c (extension) |
$0.0 |
136 |
Trivial age-old heap overflow in 32-bit PHP |
$0.0 |
137 |
Use-after-free vulnerability in SPL(SplObjectStorage, unserialize) |
$0.0 |
138 |
Use-after-free vulnerability in SPL(ArrayObject, unserialize) |
$0.0 |
139 |
The “Malstaller” Attack, global hijacking of any installation process to achieve RCE with elevated privileges, Windows OS (vendor agnostic) |
$0.0 |
140 |
Monero Wallet Gui for Windows (Arbitrary Code Execution) |
$0.0 |
141 |
[node-df] RCE via insecure command concatenation |
$0.0 |
142 |
[treekill] RCE via insecure command concatenation (only Windows) |
$0.0 |
143 |
[tree-kill] RCE via insecure command concatenation (only Windows) |
$0.0 |
144 |
Server Side JavaScript Code Injection |
$0.0 |
145 |
[meta-git] RCE via insecure command formatting |
$0.0 |
146 |
[npm-git-publish] RCE via insecure command formatting |
$0.0 |
147 |
Arbitrary file read via ffmpeg HLS parser at https://www.flickr.com/photos/upload |
$0.0 |
148 |
Public instance of Jenkins on https://██████████/ with /script enabled |
$0.0 |
149 |
[script-manager] Unintended require |
$0.0 |
150 |
Content injection via URL parameter. |
$0.0 |
151 |
Modify Host Header which is sent to email |
$0.0 |
152 |
(Critical) Remote Code Execution Through Old TinyMCE upload bypass |
$0.0 |
153 |
Several simple remote code execution in pdf-image |
$0.0 |
154 |
(Authenticated) RCE by bypassing of the .htaccess blacklist |
$0.0 |
155 |
[blamer] RCE via insecure command formatting |
$0.0 |
156 |
Docker image with FPM is vulnerable to CVE-2019-11043 |
$0.0 |
157 |
potential RCE and XSS via file upload requiring user account and default settings |
$0.0 |
158 |
Code injection in macOS Desktop Client |
$0.0 |
159 |
[git-promise] RCE via insecure command formatting |
$0.0 |
160 |
[logkitty] RCE via insecure command formatting |
$0.0 |
161 |
Code injection possible with malformed Nextcloud Talk chat commands |
$0.0 |
162 |
[CRITICAL] Remote code execution on http://axa.dxi.eu |
$0.0 |
163 |
loader.js is not secure |
$0.0 |
164 |
[H1-2006 2020] Connecting the dots to send hackers their Bug Bounty |
$0.0 |
165 |
[Security Vulnerability Rocket.chat] HTML Injection into Email via Signup |
$0.0 |
166 |
bunyan - RCE via insecure command formatting |
$0.0 |
167 |
Remote Code Execution through Extension Bypass on Log Functionality |
$0.0 |
168 |
Child process environment injection via prototype pollution |
$0.0 |
169 |
Remote Code Execution (Reverse Shell) - File Manager |
$0.0 |
170 |
Java Debug Console Provides Command Injection Without Privilege Escalation |
$0.0 |
171 |
Arbitrary code execution via untrusted schemas in is-my-json-valid |
$0.0 |
172 |
Arbitrary code execution via untrusted schemas in ajv |
$0.0 |
173 |
[windows-edge] RCE via insecure command formatting |
$0.0 |
174 |
[notevil] - Sandbox Escape Lead to RCE on Node.js and XSS in the Browser |
$0.0 |
175 |
CSV Injection Via Student Password/Name Leads To Client Side RCE And Reading Client Files |
$0.0 |
176 |
Remote Code Execution in Slack desktop apps + bonus |
$0.0 |
177 |
Remote Code Execution on █████████ |
$0.0 |
178 |
Code injection host █████████ |
$0.0 |
179 |
[git-lib] RCE via insecure command formatting |
$0.0 |
180 |
[gity] RCE via insecure command formatting |
$0.0 |
181 |
[commit-msg] RCE via insecure command formatting |
$0.0 |
182 |
[create-git] RCE via insecure command formatting |
$0.0 |
183 |
Desktop app RCE (#276031 bypass) |
$0.0 |
184 |
Remote Code Execution in Basecamp Windows Electron App |
$0.0 |
185 |
Apache solr RCE via velocity template |
$0.0 |
186 |
[arpping] Remote Code Execution |
$0.0 |
187 |
[imagickal] Remote Code Execution |
$0.0 |
188 |
Html injection on ██████.informatica.com via search.html?q=1 |
$0.0 |
189 |
Dashboard sharing enables code injection into ████ emails |
$0.0 |
190 |
Formula Injection vulnerability in CSV export feature |
$0.0 |
191 |
HTML Injection through Account Name field on TikTok ads portal being rendered on emails |
$0.0 |
192 |
[Fixed] A vulnerability in KAVKIS 2020 products family allows full disabling of protection |
$0.0 |
193 |
RCE in ██████ subdomain via CVE-2017-1000486 |
$0.0 |
194 |
RCE on TikTok Ads Portal |
$0.0 |
195 |
RCE in 'Copy as Node Request' BApp via code injection |
$0.0 |
196 |
Brew bootstrap process is insecure |
$0.0 |
197 |
Code Injection via Insecure Yaml.load |
$0.0 |
198 |
Code Injection Bug Report |
$0.0 |
199 |
Team members can trigger arbitrary code execution in Slack Desktop Apps via HTML Notifications |
$0.0 |
200 |
PHP Code Injection through "previewBlock()" method |
$0.0 |
201 |
Persistent Arbitrary code execution in mattermost android |
$0.0 |
202 |
Regex Injection from request header (Rack::Sendfile, send_file) |
$0.0 |
203 |
Remote Code Execution through "Files_antivirus" plugin |
$0.0 |
204 |
Server-side Template Injection in lodash.js |
$0.0 |
205 |
Pre-auth RCE in ForgeRock OpenAM (CVE-2021-35464) |
$0.0 |
206 |
Pre-auth RCE in ForgeRock OpenAM (CVE-2021-35464) |
$0.0 |
207 |
SQL injection my method -1 OR 321=6 AND 000159=000159 |
$0.0 |
208 |
RCE Apache Struts2 remote command execution (S2-045) on [wifi-partner.mtn.com.gh] |
$0.0 |
209 |
CVE-2021-40870 on [52.204.160.31] |
$0.0 |
210 |
Custom crafted message object in Meteor.Call allows remote code execution and impersonation |
$0.0 |
211 |
RCE on 17 different Docker containers on your network |
$0.0 |
212 |
GlassWire 2.1.167 vulnerability - MSVR 56639 |
$0.0 |
213 |
CVE-2021-40870 in [███] |
$0.0 |
214 |
Dependency Confusion Vulnerability in Sifnode Due to Unclaimed npm Packages. |
$0.0 |
215 |
Log4j CVE-2021-44228 |
$0.0 |
216 |
DLL hijacking in Monero GUI for Windows 0.17.3.0 would allow an attacker to perform remote command execution |
$0.0 |
217 |
Log4Shell: RCE 0-day exploit on █████████ |
$0.0 |
218 |
Remote Code Execution on ██.8x8.com via .NET VSTATE Deserialization |
$0.0 |
219 |
Log4j Java RCE in [beta.dev.adobeconnect.com] |
$0.0 |
220 |
F5 BIG-IP TMUI RCE - CVE-2020-5902 (██.packet8.net) |
$0.0 |
221 |
███ vulnerable to CVE-2022-22954 |
$0.0 |
222 |
--libcurl code injection via trigraphs |
$0.0 |
223 |
██████████ vulnerable to CVE-2022-22954 |
$0.0 |
224 |
[Urgent] Critical Vulnerability [RCE] on ███ vulnerable to Remote Code Execution by exploiting MS15-034, CVE-2015-1635 |
$0.0 |
225 |
Arbitrary file download due to bad handling of Redirects in WebTorrent |
$0.0 |
226 |
Arbitrary file download via "Save .torrent file" option can lead to Client RCE and XSS |
$0.0 |
227 |
Server Side Template Injection on Name parameter during Sign Up process |
$0.0 |
228 |
Ingress-nginx annotation injection allows retrieval of ingress-nginx serviceaccount token and secrets across all namespaces |
$0.0 |
229 |
██████_log4j - https://██████ |
$0.0 |
230 |
solr_log4j - http://██████████ |
$0.0 |
231 |
[hta3] Remote Code Execution on https://███ via improper access control to SCORM Zip upload/import |
$0.0 |
232 |
Dependency confusion in https://github.com/hyperledger/aries-mobile-agent-react-native |
$0.0 |
233 |
Desktop client can be tricked into opening/executing local files when clicking a nc://open/ link |
$0.0 |
234 |
Synthetics Recorder: Code injection when recording website with malicious content |
$0.0 |
235 |
Remote Code Execution on ownCloud instances with ImageMagick installed |
$0.0 |
236 |
HTML injection in email at https://www.hackerone.com/ |
$0.0 |
237 |
[hta3] Remote Code Execution on ████ |
$0.0 |
238 |
Entire database of emails exposed through URN injection |
$0.0 |
239 |
Argument/Code Injection via ActiveStorage's image transformation functionality |
$0.0 |
240 |
RCE and DoS in Cosmovisor |
$0.0 |
241 |
Pre-auth RCE in ForgeRock OpenAM (CVE-2021-35464) |
$0.0 |
242 |
Remote code execution via crafted pentaho report uploaded using default credentials for pentaho business server |
$0.0 |
243 |
Remote code execution and exfiltration of secret tokens by poisoning the mozilla/fxa CI build cache |
$0.0 |
244 |
Code exec on Github runner via Pull request name |
$0.0 |
245 |
Code execution in "ymon" WebService, reached after bypassing the anti-loopback blacklist through YQL and HTTP redirects |
$0.0 |
246 |
YQL: From CR/LF injection to root compromise |
$0.0 |
247 |
Low privileges (auth) Remote Command Execution - PHP file upload bypass. |
$0.0 |
248 |
PHP Code Injection through "Translate::save()" method |
$0.0 |
249 |
Authenticated RCE via page title |
$0.0 |
250 |
Cloudflare /cdn-cgi/ path allows resizing images from unauthorised sources on enjinusercontent.com |
$0.0 |
251 |
Account Takeover / Arbitrary File read and deletion / Partial code execution (intent redirection) |
$0.0 |
252 |
RCE by parsing .rdoc_options in RDoc |
$0.0 |
253 |
CSS Injection in Message Avatar |
$0.0 |