|
451
|
7.8 |
HIGH
Local
|
-
|
-
|
Argus Surveillance DVR 4.0 contains an unquoted service path vulnerability in the DVRWatchdog service that allows local attackers to escalate privileges by exploiting the service binary path. Attacke…
New
|
CWE-428
Unquoted Search Path or Element
|
CVE-2021-47945
|
2026-05-10 22:16 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
452
|
7.5 |
HIGH
Network
|
-
|
-
|
memono Notepad 4.2 contains a denial of service vulnerability that allows attackers to crash the application by pasting excessively long character buffers into note fields. Attackers can generate a p…
New
|
CWE-789
Memory Allocation with Excessive Size Value
|
CVE-2021-47944
|
2026-05-10 22:16 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
453
|
8.8 |
HIGH
Network
|
-
|
-
|
TextPattern CMS 4.8.7 contains a remote code execution vulnerability that allows authenticated attackers to execute arbitrary commands by uploading malicious PHP files through the file upload functio…
New
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2021-47943
|
2026-05-10 22:16 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
454
|
8.2 |
HIGH
Network
|
-
|
-
|
WordPress Plugin Survey & Poll 1.5.7.3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the wp_sap co…
New
|
CWE-89
SQL Injection
|
CVE-2021-47941
|
2026-05-10 22:16 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
455
|
9.8 |
CRITICAL
Network
|
-
|
-
|
WordPress Plugin Download From Files version 1.48 and earlier contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by exploiting the AJAX fi…
New
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2021-47940
|
2026-05-10 22:16 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
456
|
8.8 |
HIGH
Network
|
-
|
-
|
Evolution CMS 3.1.6 contains a remote code execution vulnerability that allows authenticated users with module creation permissions to execute arbitrary system commands by injecting PHP code into mod…
New
|
CWE-94
Code Injection
|
CVE-2021-47939
|
2026-05-10 22:16 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
457
|
8.8 |
HIGH
Network
|
-
|
-
|
ImpressCMS 1.4.2 contains a remote code execution vulnerability in the autotasks administrative interface that allows authenticated attackers to execute arbitrary PHP code by injecting malicious code…
New
|
CWE-94
Code Injection
|
CVE-2021-47938
|
2026-05-10 22:16 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
458
|
8.8 |
HIGH
Network
|
-
|
-
|
e107 CMS 2.3.0 contains a remote code execution vulnerability that allows authenticated users with theme installation permissions to execute arbitrary commands by uploading malicious theme files. Att…
New
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2021-47937
|
2026-05-10 22:16 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
459
|
9.8 |
CRITICAL
Network
|
-
|
-
|
OpenCATS 0.9.4 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary commands by uploading malicious PHP files disguised as resume attachments. Att…
New
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2021-47936
|
2026-05-10 22:16 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
460
|
8.8 |
HIGH
Network
|
-
|
-
|
Sentry 8.2.0 contains a remote code execution vulnerability that allows authenticated superusers to execute arbitrary commands by injecting malicious pickle-serialized objects through the audit log e…
New
|
CWE-94
Code Injection
|
CVE-2021-47935
|
2026-05-10 22:16 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
