CVE-2025-9120

CVE-2025-9120 : OpenText Carbonite Safe Server Backup is affected up to version 6.8.3 by an improper generation of code vulnerability (code injection). The issue can be exploited via an open port to potentially gain unauthorized access, with a CVSSv4.0 base score of 8.6 (HIGH) and local attack Ve...

CVE-2025-9120 RCE vulnerability has been discovered in OpenText™ Carbonite Safe Server Backup.

Improper Control of Generation of Code 'Code Injection' vulnerability in OpenText™ Carbonite Safe Server Backup allows Code Injection. The vulnerability could be exploited through an open port, potentially allowing unauthorized access. This issue affects Carbonite Safe Server Backup: through 6.8....

CVE-2025-9120 RCE vulnerability has been discovered in OpenText™ Carbonite Safe Server Backup.

Improper Control of Generation of Code 'Code Injection' vulnerability in OpenText™ Carbonite Safe Server Backup allows Code Injection. The vulnerability could be exploited through an open port, potentially allowing unauthorized access. This issue affects Carbonite Safe Server Backup: through 6.8....

EUVD-2025-207564

Improper Control of Generation of Code 'Code Injection' vulnerability in OpenText™ Carbonite Safe Server Backup allows Code Injection. The vulnerability could be exploited through an open port, potentially allowing unauthorized access. This issue affects Carbonite Safe Server Backup: through 6.8....

itsourcecode Event Management System 代码注入漏洞

itsourcecode Event Management System is an open-source event management system developed by itsourcecode. Version 1.0 of the itsourcecode Event Management System contains a code injection vulnerability. This vulnerability arises from incorrect handling of the parameter “page” in the file...

Alinto SOGo 代码注入漏洞

Alinto SOGo is an open-source collaboration office software developed by Alinto. Versions 5.12.3 and 5.12.4 of Alinto SOGo contain a code injection vulnerability. This vulnerability stems from incorrect handling of parameter hints, which may lead to cross-site scripting attacks...

PT-2026-21583

Improper Control of Generation of Code 'Code Injection' vulnerability in OpenText™ Carbonite Safe Server Backup allows Code Injection. The vulnerability could be exploited through an open port, potentially allowing unauthorized access. This issue affects Carbonite Safe Server Backup: through 6.8....

OpenText Carbonite Safe Server Backup 代码注入漏洞

OpenText Carbonite Safe Server Backup is a hybrid cloud backup software developed by OpenText Corporation in Canada. Versions of OpenText Carbonite Safe Server Backup 6.8.3 and earlier contained a code injection vulnerability. This vulnerability stemmed from improper code generation controls, whi...

SourceCodester Modern Image Gallery App 代码注入漏洞

SourceCodester Modern Image Gallery App is an open-source modern image gallery application developed by SourceCodester. Version 1.0 of the SourceCodester Modern Image Gallery App contains a code injection vulnerability, which stems from incorrect handling of the parameter filename in the upload.p...

ImageMagick 代码注入漏洞

ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It can read, convert, and write images in various formats. Versions of ImageMagick prior to 7.1.2-15 and 6.9.13-40 contained a code injection vulnerability. This vulnerability stemmed from the ps...

Horilla 代码注入漏洞

Horilla is a free open-source human resources software developed by Horilla Company. Versions of Horilla 1.0.2 and earlier contained a code injection vulnerability. This vulnerability stemmed from incorrect handling of parameters in the Leads Module component file static/assets/js/global.js, whic...

📄 SPIP Saisies 5.11.0 Remote Code Execution

Proof of concept exploit for a PHP code injection vulnerability in the Saisies plugin for SPIP. The vulnerability allows an attacker to inject and execute arbitrary PHP code through the vulnerable parameter anciennesvaleurs. Versions 5.4.0 through 5.11.0 are affected. Written in PHP...

BaykeShop 代码注入漏洞

BaykeShop is an e-commerce system developed by xingfuggz’s individual developers. Versions of BaykeShop prior to 1.3.20 have a code injection vulnerability. This vulnerability stems from improper handling of the parameter sidebar.content in the file...

Smart-SSO 代码注入漏洞

Smart-SSO is an authorization and authentication tool developed by Joe as a personal project. Versions of Smart-SSO 2.1.1 and earlier contained a code injection vulnerability. This vulnerability stemmed from incorrect operations on the function “Save” in the file...

JeeWMS 代码注入漏洞

JeeWMS is a JAVA-based warehouse management system developed by JeeWMS Corporation in China. Versions of JeeWMS 3.7 and earlier contained a code injection vulnerability. This vulnerability stemmed from improper handling of the parameter ‘myEditor’ in the file...

Smart-SSO 代码注入漏洞

Smart-SSO is an authorization and authentication tool developed by Joe as a personal project. Versions of Smart-SSO 2.1.1 and earlier contained a code injection vulnerability. This vulnerability stemmed from incorrect handling of the redirectUri parameter in the...

07FLYCMS和07FlyCRM 代码注入漏洞

07FLYCMS is a free and open-source content management system developed by 07FLY Company in China. 07Fly and 07FLYCRM are customer relationship management systems created by 07FLY Company. 07FLYCMS and 07FlyCRM versions 1.2.9 and earlier have a code injection vulnerability. This vulnerability stem...

JeeWMS 代码注入漏洞

JeeWMS is a JAVA-based warehouse management system developed by JeeWMS Corporation in China. JeeWMS versions 3.7 and earlier contained a code injection vulnerability. This vulnerability stemmed from improper handling of parameters in the file...

forest 代码注入漏洞

Forest is a modern knowledge community backend project developed by RYMCU. It is implemented using SpringBoot, Shiro, MyBatis, JWT, and Redis. Versions of Forest 0.0.5 and earlier have a code injection vulnerability. This vulnerability stems from incorrect operations in the updateUserInfo functio...

itsourcecode Student Management System 代码注入漏洞

itsourcecode Student Management System is an open-source student management system developed by itsourcecode. Version 1.0 of itsourcecode Student Management System has a code injection vulnerability, which may lead to cross-site scripting attacks...