36529 matches found
CVE-2026-5848
A vulnerability was found in jeecgboot JimuReport up to 2.3.0. The affected element is the function DriverManager.getConnection of the file /drag/onlDragDataSource/testConnection of the component Data Source Handler. Performing a manipulation of the argument dbUrl results in code injection. The...
CVE-2026-5848 jeecgboot JimuReport Data Source testConnection DriverManager.getConnection code injection
A vulnerability was found in jeecgboot JimuReport up to 2.3.0. The affected element is the function DriverManager.getConnection of the file /drag/onlDragDataSource/testConnection of the component Data Source Handler. Performing a manipulation of the argument dbUrl results in code injection. The...
CVE-2026-5848 jeecgboot JimuReport Data Source testConnection DriverManager.getConnection code injection
A vulnerability was found in jeecgboot JimuReport up to 2.3.0. The affected element is the function DriverManager.getConnection of the file /drag/onlDragDataSource/testConnection of the component Data Source Handler. Performing a manipulation of the argument dbUrl results in code injection. The...
CVE-2026-5848
A vulnerability was found in jeecgboot JimuReport up to 2.3.0. The affected element is the function DriverManager.getConnection of the file /drag/onlDragDataSource/testConnection of the component Data Source Handler. Performing a manipulation of the argument dbUrl results in code injection. The...
CVE-2026-5848
CVE-2026-5848 affects jeecgboot JimuReport up to version 2.3.0. The vulnerability lies in the Data Source Handler’s testConnection path, specifically the function DriverManager.getConnection, where manipulating the argument dbUrl can lead to code injection. The issue can be exploited remotely and...
PT-2026-31669
A vulnerability was detected in FoundationAgents MetaGPT up to 0.8.1. This affects the function check solution of the component HumanEvalBenchmark/MBPPBenchmark. Performing a manipulation results in code injection. The attack may be initiated remotely. The exploit is now public and may be used. T...
Code-Projects Simple IT Discussion Forum 代码注入漏洞
Code-Projects Simple IT Discussion Forum is a simple forum developed by Code-Projects as open source. Version 1.0 of Code-Projects Simple IT Discussion Forum has a code injection vulnerability. This vulnerability stems from incorrect handling of the Category parameter in the file/edit-category.ph...
Code-Projects Online Shoe Store 代码注入漏洞
Code-Projects Online Shoe Store is an open-source online shoe store system developed by Code-Projects. Version 1.0 of Code-Projects Online Shoe Store contains a code injection vulnerability. This vulnerability arises from incorrect handling of the productname parameter in the file...
JimuReport 代码注入漏洞
JimuReport is a free reporting tool developed by JEECG in China. Versions of JimuReport 2.3.0 and earlier had a code injection vulnerability. This vulnerability stemmed from incorrect handling of the parameter dbUrl in the DriverManager.getConnection function within the Data Source Handler...
MetaGPT 代码注入漏洞
MetaGPT is a multi-agent framework developed by MetaGPT Inc. Versions of MetaGPT 0.8.1 and earlier contained a code injection vulnerability. This vulnerability stemmed from operations on the checksolution function within the HumanEvalBenchmark/MBPPBenchmark component, which could lead to code...
WAGO PLC 代码注入漏洞
WAGO PLC is a programmable logic controller developed by the German company WAGO. WAGO PLC has a code injection vulnerability, which stems from improper OpenVPN configuration. This vulnerability may lead to the execution of arbitrary commands...
Code-Projects Online Shoe Store 代码注入漏洞
Code-Projects Online Shoe Store is an open-source online shoe store system developed by Code-Projects. Version 1.0 of Code-Projects Online Shoe Store contains a code injection vulnerability. This vulnerability arises from incorrect handling of the parameter productname in the file...
Code-Projects Online Shoe Store 代码注入漏洞
Code-Projects Online Shoe Store is an open-source online shoe store system developed by Code-Projects. Version 1.0 of Code-Projects Online Shoe Store contains a code injection vulnerability. This vulnerability arises from incorrect handling of the parameter productname in the file...
PT-2026-31587
Name of the Vulnerable Software and Affected Versions jeecgboot JimuReport versions up to 2.3.0 Description A code injection issue exists in the Data Source Handler component of jeecgboot JimuReport, specifically within the DriverManager.getConnection function located in the...
Code-Projects Simple Laundry System 代码注入漏洞
Code-Projects Simple Laundry System is an open-source system developed by Code-Projects, designed for managing laundry shop operations. It offers features such as order management, customer management, and inventory management. Version 1.0 of Code-Projects Simple Laundry System contains a code...
CVE-2026-1516 Improper Control of Generation of Code ('Code Injection') in GitLab
GitLab has remediated an issue in GitLab EE affecting all versions from 18.0.0 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that in Code Quality reports could have allowed an authenticated user to leak IP addresses of users viewing the report via specially crafted content...
CVE-2026-1516 Improper Control of Generation of Code ('Code Injection') in GitLab
GitLab has remediated an issue in GitLab EE affecting all versions from 18.0.0 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that in Code Quality reports could have allowed an authenticated user to leak IP addresses of users viewing the report via specially crafted content...
CVE-2026-1516
CVE-2026-1516 affects GitLab Enterprise Edition (EE) with a vulnerability in Code Quality reports that could allow an authenticated user to leak IP addresses of users viewing the report through specially crafted content. Affected versions include all 18.0.0 up to, but not including, 18.8.9; all 1...
Arbitrary Code Injection
Overview praisonai is a PraisonAI TypeScript AI Agents Framework - Node.js, npm, and Javascript AI Agents Framework Affected versions of this package are vulnerable to Arbitrary Code Injection via the executecode function. An attacker can gain unauthorized access to the host environment, execute...
Arbitrary Code Injection
Overview PraisonAI is a PraisonAI is an AI Agents Framework with Self Reflection. PraisonAI application combines PraisonAI Agents, AutoGen, and CrewAI into a low-code solution for building and managing multi-agent LLM systems, focusing on simplicity, customisation, and efficient human-agent...