PT-2026-43395

Name of the Vulnerable Software and Affected Versions PbootCMS version 3.2.11 Description Code injection is possible within the site configuration functionality. Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability...

CVE-2026-36239

PbootCMS v.3.2.11 contains a code injection vulnerability in its site configuration functionality...

Blitz 代码注入漏洞

Blitz is an open-source full-stack Next.js development toolkit developed by Blitz. Versions of Blitz 3.0.2 and earlier contained a code injection vulnerability. This vulnerability stemmed from an unknown function in the packages/generator/templates/app/src/app/auth/components/LoginForm.tsx file,...

itsourcecode Electronic Judging System 代码注入漏洞

itsourcecode Electronic Judging System is an open-source electronic judging system developed by itsourcecode. Version 1.0 of the itsourcecode Electronic Judging System contains a code injection vulnerability. This vulnerability arises from improper handling of the fname parameter in the...

IBM HTTP Server 代码注入漏洞

IBM HTTP Server is an enterprise-level web server software developed by International Business Machines IBM. Versions 8.5 and 9.0 of IBM HTTP Server contain code injection vulnerabilities. These vulnerabilities stem from configurations involving TLS mutual authentication, which may lead to remote...

ThingsBoard 代码注入漏洞

ThingsBoard is a Java-based platform developed by the ThingsBoard team, used for monitoring, managing, and data collection of IoT devices. Versions of ThingsBoard 4.3.1.1 and earlier contained a code injection vulnerability. This vulnerability stemmed from improper handling of the...

PbootCMS 安全漏洞

PbootCMS is an open-source enterprise website content management system developed using the PHP language. Version PbootCMS 3.2.11 contains a security vulnerability, which stems from code injection in the site configuration function...

teable 代码注入漏洞

Teable is an open-source online no-code database platform developed by Teable. Versions of Teable 1.9.x and earlier contained a code injection vulnerability. This vulnerability stemmed from an unknown feature in the Sign-up component’s file apps/nextjs-app/src/features/auth/pages/LoginPage.tsx,...

Student Management System 代码注入漏洞

Student Management System is a student management system developed by Krishanmurariji. There is a code injection vulnerability in Student Management System. This vulnerability stems from improper handling of the Name parameter in the addStudent function of the Students Controller component, which...

OpenKM 代码注入漏洞

OpenKM is a document management system developed by OpenKM Company in Spain. This system offers features such as version control, file history, and file sharing. Version OpenKM 6.3.12 has a code injection vulnerability. This vulnerability arises from allowing authenticated administrators to submi...

WordPress plugin Nyla 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

SourceCodester Hospitals Patient Records Management System 代码注入漏洞

SourceCodester Hospitals Patient Records Management System is an open-source hospital medical record management system developed by SourceCodester. Version 1.0 of the SourceCodester Hospitals Patient Records Management System contains a code injection vulnerability. This vulnerability arises from...

CVE-2026-36239

PbootCMS v.3.2.11 contains a code injection vulnerability in its site configuration functionality...

Linux Distros Unpatched Vulnerability : CVE-2026-48844

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1 has insecure code evaluation logic in LDAP the autovalues option that could lead to code injection...

PT-2026-43205

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in SpabRice Nyla allows Code Injection. This issue affects Nyla: from n/a through 1.7...

CVE-2026-36239

PbootCMS v.3.2.11 contains a code injection vulnerability in its site configuration functionality...

IBM Web Server Plug-ins for IBM WebSphere Application Server and IBM WebSphere Liberty 代码注入漏洞

IBM Web Server Plug-ins for IBM WebSphere Application Server and IBM WebSphere Liberty are web server integration plugins developed by IBM. Versions 8.5 and 9.0 of these plugins contain a code injection vulnerability that can be exploited by remote code execution attacks...

CVE-2026-36239

CVE-2026-36239 involves PbootCMS where a code injection flaw exists in the site configuration handling. The connected exploit report specifically describes an authenticated RCE in PbootCMS v3.2.12 backend via the sitecopyright footer field, caused by insecure deserialization and output handling i...

PT-2026-43379

A weakness has been identified in ThingsBoard up to 4.3.1.1. Affected by this vulnerability is the function getGatewayDockerComposeFile of the file /api/v1/provision of the component YAML Handler. This manipulation causes code injection. It is possible to initiate the attack remotely. The attack'...

CVE-2026-24937

Improper Control of Generation of Code 'Code Injection' vulnerability in VideoWhisper.Com Broadcast Live Video allows Code Injection. This issue affects Broadcast Live Video: from n/a before 7.1.3...