36520 matches found
changedetection.io 代码注入漏洞
changedetection.io is a website-based application developed by dgtlmoon, designed for code inspection, monitoring, and notification. Versions of changedetection.io prior to 0.54.4 contained a code injection vulnerability. This vulnerability stemmed from unvalidated or uncleaned XPath expressions,...
chartbrew 代码注入漏洞
Chartbrew is an open-source data visualization and dashboard building tool developed by Chartbrew. Versions of Chartbrew prior to 4.8.1 contained a code injection vulnerability. This vulnerability stemmed from the faulty API, which allowed remote code execution...
NatroMacro 代码注入漏洞
NatroMacro is an automated script tool for games, open-sourced by the Natro Team. Versions of NatroMacro prior to 1.1.0 contained a code injection vulnerability. This vulnerability stemmed from any ahk code in the execution mode or path files, allowing attackers to share files containing maliciou...
Microsoft Semantic Kernel Code Injection Vulnerability
Microsoft Semantic Kernel is a large model orchestration framework from Microsoft Corporation, USA. A code injection vulnerability exists in Microsoft Semantic Kernel versions prior to 1.39.4. The vulnerability stems from the InMemoryVectorStore filtering feature failing to properly filter specia...
HSC Cybersecurity Mailinspector 代码注入漏洞
HSC Cybersecurity Mailinspector is an email security management system developed by HSC Cybersecurity in France. Versions of HSC Cybersecurity Mailinspector 5.3.2-3 and earlier contain a code injection vulnerability. This vulnerability arises from incorrect handling of the parameter...
chartbrew 代码注入漏洞
Chartbrew is an open-source data visualization and dashboard building tool developed by Chartbrew. Versions of Chartbrew prior to 4.8.1 contained a code injection vulnerability, which was caused by remote code execution vulnerabilities in MongoDB dataset queries...
Mesa 代码注入漏洞
Mesa is an open-source proxy modeling framework developed by Mesa developers. Versions of Mesa 3.5.0 and earlier contained a code injection vulnerability. This vulnerability occurred when untrusted code was checked out in the workflow, potentially allowing code execution...
CVE-2026-20008
A vulnerability in a small subset of CLI commands that are used on Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, local attacker to craft Lua code that could be used on the underlying operating...
EUVD-2026-9784
Improper Control of Generation of Code 'Code Injection' vulnerability in Crocoblock JetEngine jet-engine allows Remote Code Inclusion.This issue affects JetEngine: from n/a through = 3.7.2...
EUVD-2026-9654
Improper Control of Generation of Code 'Code Injection' vulnerability in Marketing Fire Widget Options widget-options allows Code Injection.This issue affects Widget Options: from n/a through = 4.1.3...
EUVD-2026-9531
Improper Control of Generation of Code 'Code Injection' vulnerability in Builderall Builderall Builder for WordPress builderall-cheetah-for-wp allows Code Injection.This issue affects Builderall Builder for WordPress: from n/a through = 3.0.1...
CVE-2026-28134
Improper Control of Generation of Code 'Code Injection' vulnerability in Crocoblock JetEngine jet-engine allows Remote Code Inclusion.This issue affects JetEngine: from n/a through = 3.7.2...
CVE-2026-27984
Improper Control of Generation of Code 'Code Injection' vulnerability in Marketing Fire Widget Options widget-options allows Code Injection.This issue affects Widget Options: from n/a through = 4.1.3...
CVE-2026-22390
Improper Control of Generation of Code 'Code Injection' vulnerability in Builderall Builderall Builder for WordPress builderall-cheetah-for-wp allows Code Injection.This issue affects Builderall Builder for WordPress: from n/a through = 3.0.1...
CVE-2026-28134
CVE-2026-28134 is a confirmed RCE in Crocoblock JetEngine plugin for WordPress, affecting JetEngine versions up to and including 3.7.2. The issue is described as an improper control of code generation that enables Remote Code Inclusion/Execution. Multiple sources (NVD, Red Hat, CVE listings) corr...
CVE-2026-28134
Improper Control of Generation of Code 'Code Injection' vulnerability in Crocoblock JetEngine jet-engine allows Remote Code Inclusion.This issue affects JetEngine: from n/a through = 3.7.2...
CVE-2026-28134 WordPress JetEngine plugin <= 3.7.2 - Remote Code Execution (RCE) vulnerability
Improper Control of Generation of Code 'Code Injection' vulnerability in Crocoblock JetEngine jet-engine allows Remote Code Inclusion.This issue affects JetEngine: from n/a through = 3.7.2...
CVE-2026-27984
CVE-2026-27984 is a code injection (RCE) vulnerability in the Widget Options: Advanced Conditional Visibility for Gutenberg Blocks & Classic Widgets plugin (Widget Options) affecting versions up to 4.1.3. The issue stems from improper control of code generation, enabling remote code execution. Th...
CVE-2026-27984 WordPress Widget Options plugin <= 4.1.3 - Remote Code Execution (RCE) vulnerability
Improper Control of Generation of Code 'Code Injection' vulnerability in Marketing Fire Widget Options widget-options allows Code Injection.This issue affects Widget Options: from n/a through = 4.1.3...
CVE-2026-27984
Improper Control of Generation of Code 'Code Injection' vulnerability in Marketing Fire Widget Options widget-options allows Code Injection.This issue affects Widget Options: from n/a through = 4.1.3...