Lucene search
K

389 matches found

CVE
CVE
added 2025/11/19 3:47 p.m.27 views

CVE-2025-10703

CVE-2025-10703 is a code injection vulnerability tied to the SpyAttribute log=(file) option in Progress DataDirect JDBC drivers and related DataDirect products (DataDirect Connect for JDBC, OpenAccess JDBC, Hybrid Data Pipeline JDBC/Server). The issue arises when an application allows an end user...

8.6CVSS6.4AI score0.00267EPSS
Exploits0References1
CVE
CVE
added 2025/11/19 3:46 p.m.22 views

CVE-2025-10702

CVE-2025-10702 is a code-injection vulnerability in Progress DataDirect JDBC family (DataDirect Connect for JDBC, OpenAccess JDBC, and Hybrid Data Pipeline). The issue centers on the SpyAttribute connection option, which can be used with an undocumented syntax to load an arbitrary class on the cl...

8.6CVSS6.8AI score0.00267EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/19 3:46 p.m.3 views

CVE-2025-10702

Improper Control of Generation of Code 'Code Injection' vulnerability in Progress DataDirect Connect for JDBC drivers, Progress DataDirect Open Access JDBC driver and Hybrid Data Pipeline allows Remote Code Inclusion. The SpyAttribute connection option implemented by the DataDirect Connect for JD...

8.6CVSS6.8AI score0.00267EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/19 12:0 a.m.13 views

Progress多款产品 代码注入漏洞

Progress Hybrid Data Pipeline and others are products of Progress, Inc.Progress Hybrid Data Pipeline is a data pipeline software.Progress Hybrid Data Pipeline Server is a data pipeline server. Progress DataDirect Connect for JDBC is a set of high-performance JDBC drivers. A code injection...

8.6CVSS7.7AI score0.00267EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/19 12:0 a.m.5 views

PT-2025-47466

Name of the Vulnerable Software and Affected Versions Progress DataDirect Connect for JDBC for Amazon Redshift versions through 6.0.0.001392 Progress DataDirect Connect for JDBC for Apache Cassandra versions through 6.0.0.000805 Progress DataDirect Connect for JDBC for Hive versions through...

8.6CVSS7.8AI score0.00267EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/11/19 12:0 a.m.4 views

Progress多款产品 代码注入漏洞

Progress Hybrid Data Pipeline and others are products of Progress, Inc.Progress Hybrid Data Pipeline is a data pipeline software.Progress Hybrid Data Pipeline Server is a data pipeline server. Progress DataDirect Connect for JDBC is a set of high-performance JDBC drivers. A code injection...

8.6CVSS7.9AI score0.00267EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/07 3:54 p.m.5 views

CVE-2025-49372

Improper Control of Generation of Code 'Code Injection' vulnerability in VillaTheme HAPPY happy-helpdesk-support-ticket-system allows Remote Code Inclusion.This issue affects HAPPY: from n/a through = 1.0.7...

10CVSS7.2AI score0.00436EPSS
Exploits0References1
NVD
NVD
added 2025/11/06 4:15 p.m.4 views

CVE-2025-49372

Improper Control of Generation of Code 'Code Injection' vulnerability in VillaTheme HAPPY happy-helpdesk-support-ticket-system allows Remote Code Inclusion.This issue affects HAPPY: from n/a through = 1.0.7...

10CVSS0.00436EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/06 3:53 p.m.2 views

CVE-2025-49372 WordPress HAPPY plugin <= 1.0.7 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in VillaTheme HAPPY happy-helpdesk-support-ticket-system allows Remote Code Inclusion.This issue affects HAPPY: from n/a through = 1.0.7...

10CVSS6.8AI score0.00436EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/06 3:53 p.m.5 views

EUVD-2025-38015

Improper Control of Generation of Code 'Code Injection' vulnerability in VillaTheme HAPPY happy-helpdesk-support-ticket-system allows Remote Code Inclusion.This issue affects HAPPY: from n/a through = 1.0.7...

6.6AI score0.00436EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/11/06 3:53 p.m.8 views

CVE-2025-49372 WordPress HAPPY plugin <= 1.0.7 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in VillaTheme HAPPY happy-helpdesk-support-ticket-system allows Remote Code Inclusion.This issue affects HAPPY: from n/a through = 1.0.7...

10CVSS0.00436EPSS
Exploits0References1
CVE
CVE
added 2025/11/06 3:53 p.m.31 views

CVE-2025-49372

CVE-2025-49372 is an unauthenticated remote code execution in WordPress HAPPY plugin &lt;= 1.0.7 (VillaTheme HAPPY happy-helpdesk-support-ticket-system) caused by Improper Control of Generation of Code (Code Injection) leading to Remote Code Inclusion. Red Hat and NVD entries corroborate the same...

10CVSS6.8AI score0.00436EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/06 12:0 a.m.2 views

WordPress plugin HAPPY 代码注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code injecti...

10CVSS7.7AI score0.00436EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/06 12:0 a.m.6 views

PT-2025-45206

Improper Control of Generation of Code 'Code Injection' vulnerability in VillaTheme HAPPY happy-helpdesk-support-ticket-system allows Remote Code Inclusion.This issue affects HAPPY: from n/a through = 1.0.7...

10CVSS7.2AI score0.00436EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/10/28 2:38 a.m.5 views

CVE-2025-62959

Improper Control of Generation of Code 'Code Injection' vulnerability in videowhisper Paid Videochat Turnkey Site ppv-live-webcams allows Remote Code Inclusion.This issue affects Paid Videochat Turnkey Site: from n/a through = 7.3.23...

9.1CVSS5.9AI score0.00417EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/27 3:30 a.m.5 views

EUVD-2025-35984

Improper Control of Generation of Code 'Code Injection' vulnerability in videowhisper Paid Videochat Turnkey Site ppv-live-webcams allows Remote Code Inclusion.This issue affects Paid Videochat Turnkey Site: from n/a through = 7.3.22...

9.1CVSS6.6AI score0.00417EPSS
Exploits0References2
NVD
NVD
added 2025/10/27 2:15 a.m.15 views

CVE-2025-62959

Improper Control of Generation of Code 'Code Injection' vulnerability in videowhisper Paid Videochat Turnkey Site ppv-live-webcams allows Remote Code Inclusion.This issue affects Paid Videochat Turnkey Site: from n/a through = 7.3.23...

9.1CVSS0.00417EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/27 12:0 a.m.4 views

WordPress plugin Paid Videochat Turnkey Site 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host personal blog sites on PHP and MySQL based...

9.1CVSS7AI score0.00417EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/27 12:0 a.m.7 views

PT-2025-43833

Improper Control of Generation of Code 'Code Injection' vulnerability in videowhisper Paid Videochat Turnkey Site ppv-live-webcams allows Remote Code Inclusion.This issue affects Paid Videochat Turnkey Site: from n/a through = 7.3.22...

9.1CVSS7.1AI score0.00417EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/10/23 3:14 p.m.5 views

CVE-2025-52756

Improper Control of Generation of Code 'Code Injection' vulnerability in Sayan Datta WP Last Modified Info wp-last-modified-info allows Remote Code Inclusion.This issue affects WP Last Modified Info: from n/a through = 1.9.4...

7.4CVSS5.9AI score0.00249EPSS
Exploits0References1
Rows per page
Query Builder