CVE-2025-14856

A security vulnerability has been detected in yproject RuoYi up to 4.8.1. The affected element is an unknown function of the file /monitor/cache/getnames. Such manipulation of the argument fragment leads to code injection. The attack can be executed remotely. The exploit has been disclosed public...

CVE-2025-14856 y_project RuoYi getnames code injection

A security vulnerability has been detected in yproject RuoYi up to 4.8.1. The affected element is an unknown function of the file /monitor/cache/getnames. Such manipulation of the argument fragment leads to code injection. The attack can be executed remotely. The exploit has been disclosed public...

CVE-2025-14856 y_project RuoYi getnames code injection

A security vulnerability has been detected in yproject RuoYi up to 4.8.1. The affected element is an unknown function of the file /monitor/cache/getnames. Such manipulation of the argument fragment leads to code injection. The attack can be executed remotely. The exploit has been disclosed public...

EUVD-2025-204020

A security vulnerability has been detected in yproject RuoYi up to 4.8.1. The affected element is an unknown function of the file /monitor/cache/getnames. Such manipulation of the argument fragment leads to code injection. The attack can be executed remotely. The exploit has been disclosed public...

CVE-2025-14856

The CVE-2025-14856 entry concerns y_project RuoYi up to version 4.8.1. The vulnerability is due to manipulation of the fragment argument in the file /monitor/cache/getnames, which can lead to code injection. A remote attacker can exploit this, and public exploit information has been disclosed. Af...

CVE-2025-14837

A vulnerability has been found in ZZCMS 2025. Affected by this issue is the function stripfxg of the file /admin/siteconfig.php of the component Backend Website Settings Module. Such manipulation of the argument icp leads to code injection. The attack can be executed remotely. The exploit has bee...

PT-2025-52131

Improper Control of Generation of Code 'Code Injection' vulnerability in The4 Molla molla allows Code Injection.This issue affects Molla: from n/a through = 1.5.13...

PT-2025-52196

Improper Control of Generation of Code 'Code Injection' vulnerability in jetmonsters Hotel Booking Lite motopress-hotel-booking-lite allows Remote Code Inclusion.This issue affects Hotel Booking Lite: from n/a through = 5.2.3...

WordPress plugin Javo Core 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. A security...

PT-2025-52360

Name of the Vulnerable Software and Affected Versions Azure Container Apps affected versions not specified Description An improper control of generation of code issue, also known as 'code injection', exists in Azure Container Apps. This allows an unauthorized attacker to execute code over a...

WordPress plugin colabrio Stockie Extra 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

Microsoft Purview 代码注入漏洞

Microsoft Purview is a data security and management software from Microsoft Corporation USA. A code injection vulnerability exists in Microsoft Purview that originates from path traversal and could lead to network code execution...

TinaCMS 代码注入漏洞

TinaCMS is an open source headless CMS for Markdown, MDX and JSON from Tina Open Source. A code injection vulnerability exists in TinaCMS versions prior to 3.1.1, which stems from improper use of the gray-matter package and could lead to the execution of arbitrary code...

ZZCMS 代码注入漏洞

ZZCMS is a content management system CMS from the China ZZCMS team. A code injection vulnerability exists in ZZCMS version 2025, which stems from incorrect manipulation of the parameter icp in the back-end site settings module file /admin/siteconfig.php, which may lead to code injection...

WordPress plugin Molla 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

Codigo 代码注入漏洞

Codigo is a Markdown editor by the individual developer Alfonz Montelibano. A code injection vulnerability exists in Codigo version 1.0.1, which stems from the ability to execute arbitrary system commands that could lead to remote code execution...

PT-2025-51988

Name of the Vulnerable Software and Affected Versions y project RuoYi versions up to 4.8.1 Description A security issue exists in y project RuoYi, potentially allowing for remote code injection. The issue is related to manipulation of the fragment argument within an unknown function in the...

PT-2025-52383

Name of the Vulnerable Software and Affected Versions Hugging Face Transformers affected versions not specified Description A flaw exists within the convert config function in Hugging Face Transformers that allows remote attackers to execute arbitrary code on affected installations. Exploitation...

PT-2025-52129

Improper Control of Generation of Code 'Code Injection' vulnerability in javothemes Javo Core javo-core allows Code Injection.This issue affects Javo Core: from n/a through = 3.0.0.266...

Microsoft Azure Container Apps 代码注入漏洞

Microsoft Azure Container Apps is a serverless container platform from Microsoft Corporation USA. A code injection vulnerability exists in Microsoft Azure Container Apps that stems from improper code generation controls and could lead to an unauthorized attacker executing code over the network...