CesiumGS CesiumJS 代码注入漏洞

CesiumGS CesiumJS is a JavaScript library created by CesiumGS Company in the United States, designed for creating and displaying three-dimensional Earth and geospatial data visualizations. Versions of CesiumGS CesiumJS 1.137.0 and earlier contained a code injection vulnerability. This vulnerabili...

CampCodes Division Regional Athletic Meet Game 代码注入漏洞

CampCodes Division Regional Athletic Meet Game is a sports competition system developed by the Philippines-based company CampCodes. Version 2.1 of CampCodes Division Regional Athletic Meet Game has a code injection vulnerability. This vulnerability stems from incorrect handling of the gamename...

OpenClaw 代码注入漏洞

OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw suffers from a code injection vulnerability that can be exploited by an attacker to execute arbitrary code on the system...

CampCodes Division Regional Athletic Meet Game 代码注入漏洞

CampCodes Division Regional Athletic Meet Game is a sports competition system developed by the Philippines-based company CampCodes. Version 2.1 of CampCodes Division Regional Athletic Meet Game has a code injection vulnerability. This vulnerability arises from incorrect handling of the parameter...

EUVD-2026-11403

A security vulnerability has been detected in elecV2P up to 3.8.3. Affected by this issue is the function runJSFile of the file source-code/elecV2P-master/webser/wbjs.js of the component jsfile Endpoint. Such manipulation leads to code injection. The attack may be launched remotely. The exploit h...

CVE-2026-3955

A security vulnerability has been detected in elecV2P up to 3.8.3. Affected by this issue is the function runJSFile of the file source-code/elecV2P-master/webser/wbjs.js of the component jsfile Endpoint. Such manipulation leads to code injection. The attack may be launched remotely. The exploit h...

CVE-2026-3955 elecV2P jsfile Endpoint wbjs.js runJSFile code injection

A security vulnerability has been detected in elecV2P up to 3.8.3. Affected by this issue is the function runJSFile of the file source-code/elecV2P-master/webser/wbjs.js of the component jsfile Endpoint. Such manipulation leads to code injection. The attack may be launched remotely. The exploit h...

CVE-2026-3955 elecV2P jsfile Endpoint wbjs.js runJSFile code injection

A security vulnerability has been detected in elecV2P up to 3.8.3. Affected by this issue is the function runJSFile of the file source-code/elecV2P-master/webser/wbjs.js of the component jsfile Endpoint. Such manipulation leads to code injection. The attack may be launched remotely. The exploit h...

CVE-2026-3955

A security vulnerability has been detected in elecV2P up to 3.8.3. Affected by this issue is the function runJSFile of the file source-code/elecV2P-master/webser/wbjs.js of the component jsfile Endpoint. Such manipulation leads to code injection. The attack may be launched remotely. The exploit h...

CVE-2026-3955

The CVE-2026-3955 entry affects elecV2P up to version 3.8.3. The vulnerable component is the function runJSFile in file source-code/elecV2P-master/webser/wbjs.js of the jsfile Endpoint, with code injection as the underlying issue. Attacker can potentially exploit remotely, and public disclosure o...

Arbitrary Code Injection

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Arbitrary Code Injection via the upstream API requests. An attacker can execute arbitrary code by injecting malicious prompts into requests. Remediation There is no fixed version for...

CVE-2026-20116 Multiple Cisco Contact Center Products Cross-Site Scripting Vulnerabilities

A vulnerability in the web-based management interface of Cisco Finesse, Cisco Packaged Contact Center Enterprise Packaged CCE, Cisco Unified Contact Center Enterprise Unified CCE, Cisco Unified Contact Center Express Unified CCX, and Cisco Unified Intelligence Center could allow an unauthenticate...

Arbitrary Code Injection

Overview craftcms/cms is a content management system. Affected versions of this package are vulnerable to Arbitrary Code Injection via the BaseElementSelectConditionRule::getElementIds function. An attacker can execute arbitrary code by sending a crafted condition rule through standard element...

EUVD-2026-11087

Code injection vulnerability exists in MR-GM5L-S1 and MR-GM5A-L1, which may allow an attacker with administrative privileges to execute arbitrary commands...

CVE-2026-20892

Code injection vulnerability exists in MR-GM5L-S1 and MR-GM5A-L1, which may allow an attacker with administrative privileges to execute arbitrary commands...

CVE-2026-20892

CVE-2026-20892 : A code injection vulnerability exists in MR-GM5L-S1 and MR-GM5A-L1, where an administrator may execute arbitrary commands. The entry provides CVSS metrics (3.0 and 4.0 schemas) indicating high impact across confidentiality, integrity, and availability with network attack vector a...

EUVD-2026-11088

Code injection vulnerability exists in MR-GM5L-S1 and MR-GM5A-L1, which may allow an attacker with administrative privileges to execute arbitrary commands...

CVE-2026-20892

Code injection vulnerability exists in MR-GM5L-S1 and MR-GM5A-L1, which may allow an attacker with administrative privileges to execute arbitrary commands...

CVE-2026-20892

Code injection vulnerability exists in MR-GM5L-S1 and MR-GM5A-L1, which may allow an attacker with administrative privileges to execute arbitrary commands...

PT-2026-24842

A security vulnerability has been detected in elecV2P up to 3.8.3. Affected by this issue is the function runJSFile of the file source-code/elecV2P-master/webser/wbjs.js of the component jsfile Endpoint. Such manipulation leads to code injection. The attack may be launched remotely. The exploit h...