WordPress plugin s2Member 代码注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code injectio...

WordPress Plugin Kalium 代码注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code injecti...

WordPress plugin Alone Theme 安全漏洞

The WordPress Alone Theme plugin is a premium theme for creating photography-based websites that sells close to 10,000 copies in the Envato marketplace and is mainly used by non-profit organizations e.g. charities, fundraising organizations, etc.. WordPress Alone Theme plugin suffers from a code...

LibreChat 代码注入漏洞

LibreChat is an enhanced ChatGPT clone by Danny Avila Personal Developer. A code injection vulnerability exists in LibreChat version 0.7.9, which stems from unvalidated input of the Accept-Language header and could lead to a cross-site scripting attack...

PT-2025-43190

Name of the Vulnerable Software and Affected Versions Laborator Kalium kalium versions through 3.25 Description A code injection issue exists in Laborator Kalium kalium. The issue allows for code injection. Recommendations Update Laborator Kalium kalium to a version later than 3.25...

Wordpress Plugin doctreat 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin... A security...

WordPress plugin WP Last Modified Info Code Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. WordPress plugin WP...

CVE-2025-62697

Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' vulnerability in The Wikimedia Foundation Mediawiki - LanguageSelector Extension allows Code Injection.This issue affects Mediawiki - LanguageSelector Extension: from master before 1.39...

EUVD-2025-35095

Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' vulnerability in The Wikimedia Foundation Mediawiki - LanguageSelector Extension allows Code Injection.This issue affects Mediawiki - LanguageSelector Extension: from master before 1.39...

CVE-2025-62697

Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' vulnerability in The Wikimedia Foundation Mediawiki - LanguageSelector Extension allows Code Injection.This issue affects Mediawiki - LanguageSelector Extension: from master before 1.39...

UBUNTU-CVE-2025-62697

Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' vulnerability in The Wikimedia Foundation Mediawiki - LanguageSelector Extension allows Code Injection.This issue affects Mediawiki - LanguageSelector Extension: from master before 1.39...

CVE-2025-62697 Improperly sanitized style parameter in LanguageSelector

Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' vulnerability in The Wikimedia Foundation Mediawiki - LanguageSelector Extension allows Code Injection.This issue affects Mediawiki - LanguageSelector Extension: from master before 1.39...

CVE-2025-62697

Summary (CVE-2025-62697) : A code injection vulnerability exists in the Wikimedia Foundation’s MediaWiki LanguageSelector Extension due to improper neutralization of special elements in output used by downstream components. Affected: LanguageSelector Extension for MediaWiki, specifically versions...

CVE-2025-62697 Improperly sanitized style parameter in LanguageSelector

Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' vulnerability in The Wikimedia Foundation Mediawiki - LanguageSelector Extension allows Code Injection.This issue affects Mediawiki - LanguageSelector Extension: from master before 1.39...

GHSA-825G-MM5V-GGQ4 Apache Syncope allows malicious administrators to inject Groovy code

Apache Syncope offers the ability to extend / customize the base behavior on every deployment by allowing to provide custom implementations of a few Java interfaces; such implementations can be provided either as Java or Groovy classes, with the latter being particularly attractive as the machine...

Exploit for Code Injection in Microsoft

It is an offensive tool for web exploitation. The repository con...

DataEase H2 JDBC Injection Code Execution Vulnerability

DataEase is a set of Java-based development of open source data visualization and analysis tools to help users quickly analyze data and insight into business trends , so as to achieve business improvement and optimization . DataEase H2.java handles JDBC connection validation with a code injection...

MediaWiki - LanguageSelector Extension 安全漏洞

Mediawiki - LanguageSelector Extension is an extension for MediaWiki to provide multi-language support, allowing users to select and configure the interface language. A code injection vulnerability exists in Mediawiki - LanguageSelector Extension, which stems from improper neutralization of speci...

DataEase DB2/MongoDB JNDI Code Injection Vulnerability

DataEase is a set of Java-based development of open source data visualization and analysis tools to help users quickly analyze data and insight into business trends , so as to achieve business improvement and optimization . A code injection vulnerability exists in DataEase DB2/MongoDB JDBC...

LogicalDOC Community Edition 代码注入漏洞

LogicalDOC Community Edition is a documentation system from the Italian company LogicalDOC. A code injection vulnerability exists in LogicalDOC Community Edition 9.2.1 and earlier versions, which arises from incorrect manipulation of the parameters First Name/Last Name/Company/Address/Phone/Mobil...