36545 matches found
Arbitrary Code Injection
Overview signalk-server is an An implementation of a Signal K server for boats. Affected versions of this package are vulnerable to Arbitrary Code Injection via the appstore.js REST API endpoint, which allows the installation of npm packages using unsanitized version specifiers. An administrator...
Exploit for Code Injection in Apache Commons_Text
CVE-2022-42889-text4shell Description This script is a pe...
QNAP Systems Malware Remover 代码注入漏洞
QNAP Systems Malware Remover is a built-in security application from Taiwan, China-based QNAP Systems. A code injection vulnerability exists in QNAP Systems Malware Remover, which stems from improper code generation controls that could lead to a bypass of protection mechanisms...
LigeroSmart 代码注入漏洞
LigeroSmart is a management platform for LigeroSmart open source. A code injection vulnerability exists in LigeroSmart versions 6.1.24 and earlier, which stems from the incorrect manipulation of the parameter REQUESTURI in the component Environment Variable Handler, and could lead to a cross-site...
CVE-2025-15394
A vulnerability was detected in iCMS up to 8.0.0. Affected is the function Save of the file app/config/ConfigAdmincp.php of the component POST Parameter Handler. The manipulation of the argument config results in code injection. The attack can be launched remotely. The exploit is now public and m...
CVE-2025-15393
A security vulnerability has been detected in Kohana KodiCMS up to 13.82.135. This impacts the function Save of the file cms/modules/kodicms/classes/kodicms/model/file.php of the component Layout API Endpoint. The manipulation of the argument content leads to code injection. The attack can be...
Arbitrary Code Injection
Overview datamodel-code-generator is a Datamodel Code Generator Affected versions of this package are vulnerable to Arbitrary Code Injection due to improper sanitization of filenames used in generated headers. An attacker can provide a maliciously crafted filename containing Python syntax or esca...
Signal K Server 代码注入漏洞
Signal K Server is a ship centralized server for Signal K open source. A code injection vulnerability exists in Signal K Server versions prior to 2.19.0, which stems from the appstore interface passing version parameters directly to npm without cleaning them up, which could lead to arbitrary code...
wangmarket 代码注入漏洞
wangmarket is a privatized deploy your own SAAS cloud builder system for xnx3 individual developers in China. A code injection vulnerability exists in wangmarket 6.4 and earlier versions, which stems from the incorrect operation of the parameter Remark/Variable Value in the file /siteVar/save.do,...
PT-2026-1169
CVE-2025-22203 - Apache Struts Code Injection Vulnerability CVE ID : CVE-2025-22203 Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. Severity: 0.0 | NA...
EUVD-2025-206086
A vulnerability was detected in iCMS up to 8.0.0. Affected is the function Save of the file app/config/ConfigAdmincp.php of the component POST Parameter Handler. The manipulation of the argument config results in code injection. The attack can be launched remotely. The exploit is now public and m...
EUVD-2025-206088
A security vulnerability has been detected in Kohana KodiCMS up to 13.82.135. This impacts the function Save of the file cms/modules/kodicms/classes/kodicms/model/file.php of the component Layout API Endpoint. The manipulation of the argument content leads to code injection. The attack can be...
CVE-2025-15393
A security vulnerability has been detected in Kohana KodiCMS up to 13.82.135. This impacts the function Save of the file cms/modules/kodicms/classes/kodicms/model/file.php of the component Layout API Endpoint. The manipulation of the argument content leads to code injection. The attack can be...
CVE-2025-15394
A vulnerability was detected in iCMS up to 8.0.0. Affected is the function Save of the file app/config/ConfigAdmincp.php of the component POST Parameter Handler. The manipulation of the argument config results in code injection. The attack can be launched remotely. The exploit is now public and m...
CVE-2025-15394
A vulnerability was detected in iCMS up to 8.0.0. Affected is the function Save of the file app/config/ConfigAdmincp.php of the component POST Parameter Handler. The manipulation of the argument config results in code injection. The attack can be launched remotely. The exploit is now public and m...
CVE-2025-15393
A security vulnerability has been detected in Kohana KodiCMS up to 13.82.135. This impacts the function Save of the file cms/modules/kodicms/classes/kodicms/model/file.php of the component Layout API Endpoint. The manipulation of the argument content leads to code injection. The attack can be...
CVE-2025-15394 iCMS POST Parameter ConfigAdmincp.php save code injection
A vulnerability was detected in iCMS up to 8.0.0. Affected is the function Save of the file app/config/ConfigAdmincp.php of the component POST Parameter Handler. The manipulation of the argument config results in code injection. The attack can be launched remotely. The exploit is now public and m...
CVE-2025-15394 iCMS POST Parameter ConfigAdmincp.php save code injection
A vulnerability was detected in iCMS up to 8.0.0. Affected is the function Save of the file app/config/ConfigAdmincp.php of the component POST Parameter Handler. The manipulation of the argument config results in code injection. The attack can be launched remotely. The exploit is now public and m...
CVE-2025-15394
CVE-2025-15394 affects iCMS up to version 8.0.0. The vulnerability resides in the Save function of app/config/ConfigAdmincp.php (POST Parameter Handler). Manipulating the config argument results in code injection. The issue can be exploited remotely, and public exploit code is available. Multiple...
CVE-2025-15393 Kohana KodiCMS Layout API Endpoint file.php save code injection
A security vulnerability has been detected in Kohana KodiCMS up to 13.82.135. This impacts the function Save of the file cms/modules/kodicms/classes/kodicms/model/file.php of the component Layout API Endpoint. The manipulation of the argument content leads to code injection. The attack can be...