36531 matches found
WordPress plugin Armania 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-31190
CVE-2026-39625 Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in kutethemes TechOne techone allows Code Injection.This issue affects Tec… https://t.co/G5AXQK2cTi...
PT-2026-31205
CVE-2026-39640 Cross-Site Request Forgery CSRF vulnerability in mndpsingh287 Theme Editor theme-editor allows Code Injection.This issue affects Theme Editor: from n/a through = 3… https://t.co/jZUwbHXIkL...
WordPress plugin Uminex 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
PraisonAI 代码注入漏洞
PraisonAI is a low-code multi-agent collaboration framework developed by Mervin Praison. Versions of PraisonAI prior to 4.5.115 contained a code injection vulnerability, which was caused by unescaped user input, potentially leading to the execution of template expressions...
openstatus 代码注入漏洞
OpenStatus is an open-source status page and availability monitoring platform developed by OpenStatus. OpenStatus has a code injection vulnerability, which stems from the operation of the callbackURL parameter in the Onboarding endpoint component...
SourceCodester Sales and Inventory System 代码注入漏洞
The SourceCodester Sales and Inventory System is an open-source sales and inventory management system developed by SourceCodester. Version 1.0 of the SourceCodester Sales and Inventory System contains a code injection vulnerability. This vulnerability stems from the handling of parameter IDs in t...
GitLab Enterprise Edition(EE) 代码注入漏洞
GitLab Enterprise Edition EE is a content management system developed by the American company GitLab. Versions of GitLab Enterprise Edition prior to 18.8.9, 18.9.5, and 18.10.3 contained a code injection vulnerability. This vulnerability stemmed from authorization issues in the code quality repor...
Gitlab -- vulnerabilities
Gitlab reports: Exposed Method issue in websocket connections impacts GitLab CE/EE Denial of Service issue in Terraform state lock API impacts GitLab CE/EE Denial of Service issue in GraphQL API impacts GitLab CE/EE Denial of Service issue in CSV import impacts GitLab CE/EE Denial of Service issu...
PT-2026-31274
Name of the Vulnerable Software and Affected Versions tagDiv Composer versions through 5.4.3 Description An Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS issue exists in tagDiv Composer td-composer, allowing Code Injection. This allows for potential code execution...
WordPress plugin TechOne 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
Six Apart Movable Type 代码注入漏洞
Six Apart Movable Type is an application system developed by the Six Apart company in the United States. It offers features such as multi-user access, comments, Trackbacks, and themes. Six Apart Movable Type has a code injection vulnerability; this vulnerability can be exploited by code injection...
PT-2026-31191
CVE-2026-39626 Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in kutethemes Armania armania allows Code Injection.This issue affects Arm… https://t.co/tFnseFet6N...
WordPress plugin DukaMarket 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
Code-Projects Easy Blog Site 代码注入漏洞
Code-Projects Easy Blog Site is an easy blog website developed by Code-Projects as open source. Version 1.0 of code-projects Easy Blog Site has a code injection vulnerability, which stems from the handling of the parameter postTitle in the file posts/update.php. This vulnerability may lead to...
Vim 代码注入漏洞
Vim is an open-source, cross-platform text editor developed by Vim developers. Versions of Vim prior to 9.2.316 contain a code injection vulnerability. This vulnerability stems from command injection, which may lead to the execution of arbitrary commands...
PT-2026-31107
Name of the Vulnerable Software and Affected Versions Movable Type affected versions not specified Description Movable Type contains a code injection vulnerability that could allow an attacker to execute arbitrary Perl script. This could lead to webshell access. Recommendations At the moment, the...
WordPress plugin tagDiv Composer 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. There is a...
PT-2026-31193
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in kutethemes DukaMarket dukamarket allows Code Injection.This issue affects DukaMarket: from n/a through = 1.3.0...
PT-2026-31194
CVE-2026-39629 Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in kutethemes Uminex uminex allows Code Injection.This issue affects Umine… https://t.co/5c4rLY7NR8...