36580 matches found
Exploit for Code Injection in Exiftool_Project Exiftool
CVE-2021-22204 취약점 exiftool 임의 명령 실행 사용법 1. exploit...
EUVD-2025-36162
A vulnerability was detected in Zytec Dalian Zhuoyun Technology Central Authentication Service up to 20251009. This vulnerability affects the function empty of the file /index.php/auth/widget. Performing manipulation of the argument get.layer/get.widget/get.action results in code injection. The...
CVE-2025-12266
A vulnerability was detected in Zytec Dalian Zhuoyun Technology Central Authentication Service up to 20251009. This vulnerability affects the function empty of the file /index.php/auth/widget. Performing manipulation of the argument get.layer/get.widget/get.action results in code injection. The...
CVE-2025-12266 Zytec Dalian Zhuoyun Technology Central Authentication Service widget _empty code injection
A vulnerability was detected in Zytec Dalian Zhuoyun Technology Central Authentication Service up to 20251009. This vulnerability affects the function empty of the file /index.php/auth/widget. Performing manipulation of the argument get.layer/get.widget/get.action results in code injection. The...
CVE-2025-12266 Zytec Dalian Zhuoyun Technology Central Authentication Service widget _empty code injection
A vulnerability was detected in Zytec Dalian Zhuoyun Technology Central Authentication Service up to 20251009. This vulnerability affects the function empty of the file /index.php/auth/widget. Performing manipulation of the argument get.layer/get.widget/get.action results in code injection. The...
CVE-2025-12266
CVE-2025-12266 affects Zytec Dalian Zhuoyun Technology Central Authentication Service. The vulnerability is in the function _empty of /index.php/auth/widget; manipulation of the parameters get.layer, get.widget, and get.action can trigger remote code injection. The exploit is public and can be us...
EUVD-2025-35984
Improper Control of Generation of Code 'Code Injection' vulnerability in videowhisper Paid Videochat Turnkey Site ppv-live-webcams allows Remote Code Inclusion.This issue affects Paid Videochat Turnkey Site: from n/a through = 7.3.22...
EUVD-2025-36005
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Jthemes xSmart xsmart allows Code Injection.This issue affects xSmart: from n/a through = 1.2.9.4...
EUVD-2025-36041
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Brecht WP Recipe Maker wp-recipe-maker allows Code Injection.This issue affects WP Recipe Maker: from n/a through = 10.1.1...
CVE-2025-62936
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Jthemes xSmart xsmart allows Code Injection.This issue affects xSmart: from n/a through = 1.2.9.4...
CVE-2025-62897
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Brecht WP Recipe Maker wp-recipe-maker allows Code Injection.This issue affects WP Recipe Maker: from n/a through 10.1.0...
CVE-2025-62959 WordPress Paid Videochat Turnkey Site plugin <= 7.3.23 - Remote Code Execution (RCE) vulnerability
Improper Control of Generation of Code 'Code Injection' vulnerability in videowhisper Paid Videochat Turnkey Site ppv-live-webcams allows Remote Code Inclusion.This issue affects Paid Videochat Turnkey Site: from n/a through = 7.3.23...
CVE-2025-62959
CVE-2025-62959 concerns the Paid Videochat Turnkey Site (ppv-live-webcams) WordPress plugin. The vulnerability stems from improper control of code generation, enabling Remote Code Inclusion/Execution for versions up to 7.3.22 (Authenticated/Admin access). Red Hat and NVD entries corroborate the R...
CVE-2025-62959 WordPress Paid Videochat Turnkey Site plugin <= 7.3.23 - Remote Code Execution (RCE) vulnerability
Improper Control of Generation of Code 'Code Injection' vulnerability in videowhisper Paid Videochat Turnkey Site ppv-live-webcams allows Remote Code Inclusion.This issue affects Paid Videochat Turnkey Site: from n/a through = 7.3.23...
CVE-2025-62936
CVE-2025-62936 concerns WordPress theme/plugin xSmart (WordPress Theme: xSmart) with versions up to and including 1.2.9.4. The issue is Improper Neutralization of Script-Related HTML Tags in a Web Page, i.e., a Basic XSS vulnerability that can enable Code Injection. The vulnerability affects the ...
CVE-2025-62897 WordPress WP Recipe Maker plugin < 10.1.0 - Content Injection vulnerability
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Brecht WP Recipe Maker wp-recipe-maker allows Code Injection.This issue affects WP Recipe Maker: from n/a through 10.1.0...
Projectworlds Expense Management System 代码注入漏洞
Projectworlds Expense Management System is an open source expense management system from Projectworlds. A code injection vulnerability exists in Projectworlds Expense Management System version 1.0, which stems from an incorrect manipulation of an unknown function in the file...
projectworlds Expense Management System 代码注入漏洞
Projectworlds Expense Management System is an open source expense management system from Projectworlds. A code injection vulnerability exists in version 1.0 of the projectworlds Expense Management System, which stems from an incorrect manipulation of an unknown function in the file...
WordPress plugin WP Recipe Maker 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...
OpenWGA 代码注入漏洞
OpenWGA is an OpenWGA open source content management system and web application development platform. A code injection vulnerability exists in OpenWGA version 7.11.12 Build 737, which stems from a cross-site scripting vulnerability in the Admin UI component...