Code-Projects Online Food Ordering System 代码注入漏洞

The Code-Projects Online Food Ordering System is an open-source online ordering system developed by Code-Projects. Version 1.0 of the Code-Projects Online Food Ordering System contains a code injection vulnerability. This vulnerability stems from incorrect handling of the parameter “Name” in the...

HCL Aftermarket DPC 安全漏洞

HCL Aftermarket DPC is a digital spare parts and aftermarket management platform for HCL India. HCL Aftermarket DPC suffers from an input validation error vulnerability that can be exploited by an attacker to inject executable code and perform cross-site scripting, SQL injection, command injectio...

Code-Projects Accounting System 代码注入漏洞

Code-Projects Accounting System is an accounting system open sourced by Code-Projects. Version 1.0 of the Code-Projects Accounting System has a code injection vulnerability. This vulnerability stems from incorrect handling of the parameter costumername in the file /myaccount/addcostumer.php, whic...

Code-Projects Online Food Ordering System 代码注入漏洞

Code-Projects Online Food Ordering System is an open-source online meal ordering system developed by Code-Projects. Version 1.0 of the Code-Projects Online Food Ordering System contains a code injection vulnerability. This vulnerability arises from incorrect handling of parameters in the...

itsourcecode Payroll Management System 代码注入漏洞

itsourcecode Payroll Management System is an open-source payroll management system developed by itsourcecode. Versions of itsourcecode Payroll Management System 1.0 and earlier had a code injection vulnerability. This vulnerability stemmed from incorrect handling of parameters in the...

MuuCmf 代码注入漏洞

MuuCmf is an open-source application development framework created by Dameng100. Version muucmf 1.9.5.20260309 contains a code injection vulnerability. This vulnerability stems from incorrect handling of parameters in the file admin/extend/list.html, which may lead to cross-site scripting attacks...

MuuCmf 代码注入漏洞

MuuCmf is an open-source application development framework created by Dameng100. Version MuuCmf 1.9.5.20260309 contains a code injection vulnerability. This vulnerability stems from incorrect handling of parameters named “Name” in the file “admin/config/list.html”, which may lead to cross-site...

MuuCmf 代码注入漏洞

MuuCmf is an open-source application development framework created by Dameng100. Version muucmf 1.9.5.20260309 contains a code injection vulnerability. This vulnerability stems from incorrect handling of parameters in the file admin/Member/index.html, specifically the parameter Search, which may...

MuuCmf 代码注入漏洞

MuuCmf is an open-source application development framework created by Dameng100. Version muucmf 1.9.5.20260309 contains a code injection vulnerability. This vulnerability stems from incorrect handling of parameters named "keyword" in the file channel/admin.Account/autoReply.html, which may lead t...

Code-Projects Simple Laundry System 代码注入漏洞

Code-Projects Simple Laundry System is an open-source system developed by Code-Projects, designed for managing laundry shop operations. It offers features such as order management, customer management, and inventory management. Version 1.0 of Code-Projects Simple Laundry System contains a code...

PT-2026-28574

Name of the Vulnerable Software and Affected Versions Happy DOM versions 15.10.0 through 20.8.7 Description Happy DOM is a JavaScript implementation of a web browser without its graphical user interface. Versions 15.10.0 through 20.8.7 contain a code injection issue in the ECMAScriptModuleCompile...

PT-2026-28295

Name of the Vulnerable Software and Affected Versions HCL Aftermarket DPC affected versions not specified Description The software suffers from Improper Input Validation, enabling an attacker to inject executable code. This could lead to attacks such as Cross-Site Scripting XSS, SQL Injection, an...

Arbitrary Code Injection

Overview n8n is a n8n Workflow Automation Tool Affected versions of this package are vulnerable to Arbitrary Code Injection via the Merge node's Combine by SQL mode. An authenticated user with permissions to create or modify workflows can execute arbitrary code and access sensitive files on the...

EUVD-2026-15931

Improper Control of Generation of Code 'Code Injection' vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Code Injection.This issue affects Nelio AB Testing: from n/a through = 8.2.7...

EUVD-2026-15889

Improper Control of Generation of Code 'Code Injection' vulnerability in jetmonsters JetFormBuilder jetformbuilder allows Code Injection.This issue affects JetFormBuilder: from n/a through = 3.5.6.1...

EUVD-2026-15728

Improper Control of Generation of Code 'Code Injection' vulnerability in Jonathan Daggerhart Widget Wrangler widget-wrangler allows Code Injection.This issue affects Widget Wrangler: from n/a through = 2.3.9...

EUVD-2026-15759

Improper Control of Generation of Code 'Code Injection' vulnerability in TotalSuite Total Poll Lite totalpoll-lite allows Remote Code Inclusion.This issue affects Total Poll Lite: from n/a through = 4.12.0...

EUVD-2026-15689

Improper Control of Generation of Code 'Code Injection' vulnerability in Themeisle Woody ad snippets insert-php allows Code Injection.This issue affects Woody ad snippets: from n/a through = 2.7.1...

EUVD-2026-15609

Improper Control of Generation of Code 'Code Injection' vulnerability in Saad Iqbal Post Snippets post-snippets allows Remote Code Inclusion.This issue affects Post Snippets: from n/a through = 4.0.12...

CVE-2026-32573

Improper Control of Generation of Code 'Code Injection' vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Code Injection.This issue affects Nelio AB Testing: from n/a through = 8.2.7...