Vulnerabilities

Update: CVE-2023-54339 - Webgrind 1.1 - Remote Command Execution (RCE) via dataFile Parameter

2026-01-14 0 views admin

CVE ID : CVE-2023-54339 Published : Jan. 13, 2026, 10:52 p.m. | 32 minutes ago Description : Webgrind 1.1 contains a remote command execution vulnerability that allows unauthenticated attackers to inject OS commands via the dataFile parameter in index.php. Attackers can execute arbitrary system commands by manipulating the dataFile parameter, such as using payload '0%27%26calc.exe%26%27' to execute commands on the target system. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2023-54339

Severity

CRITICAL

Published

Jan. 13, 2026

Affected Product: php

Source: Telegram CVE Monitor

🏷️ Tags

cvevulnerabilitysecuritycybersecuritycve-2023-54339criticalphp

Update: CVE-2023-54339 - Webgrind 1.1 - Remote Command Execution (RCE) via dataFile Parameter

CVE Details

🏷️ Tags

More from Vulnerabilities

CVE-2022-50937 - Ametys CMS v4.4.1 - Cross Site Scripting (XSS) (2026)

CVE-2022-50936 - WBCE CMS 1.5.2 - Remote Code Execution (RCE) (Authenticated) (2026)

CVE-2022-50935 - FLAME II MODEM USB - Unquoted Service Path - Guide

CVE-2022-50934 - Wing FTP Server - Authenticated RCE - Complete Guide

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting