Lucene search
K

36580 matches found

GithubExploit
GithubExploit
added 2025/10/27 3:59 p.m.205 views

Exploit for Code Injection in Exiftool_Project Exiftool

CVE-2021-22204 취약점 exiftool 임의 명령 실행 사용법 1. exploit...

7.8CVSS7.6AI score0.99981EPSS
Exploits39
EUVD
EUVD
added 2025/10/27 12:32 p.m.6 views

EUVD-2025-36162

A vulnerability was detected in Zytec Dalian Zhuoyun Technology Central Authentication Service up to 20251009. This vulnerability affects the function empty of the file /index.php/auth/widget. Performing manipulation of the argument get.layer/get.widget/get.action results in code injection. The...

6.5CVSS6.4AI score0.00345EPSS
Exploits0References5
NVD
NVD
added 2025/10/27 11:15 a.m.4 views

CVE-2025-12266

A vulnerability was detected in Zytec Dalian Zhuoyun Technology Central Authentication Service up to 20251009. This vulnerability affects the function empty of the file /index.php/auth/widget. Performing manipulation of the argument get.layer/get.widget/get.action results in code injection. The...

6.5CVSS0.00345EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/10/27 11:2 a.m.3 views

CVE-2025-12266 Zytec Dalian Zhuoyun Technology Central Authentication Service widget _empty code injection

A vulnerability was detected in Zytec Dalian Zhuoyun Technology Central Authentication Service up to 20251009. This vulnerability affects the function empty of the file /index.php/auth/widget. Performing manipulation of the argument get.layer/get.widget/get.action results in code injection. The...

6.5CVSS6.4AI score0.00345EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/10/27 11:2 a.m.11 views

CVE-2025-12266 Zytec Dalian Zhuoyun Technology Central Authentication Service widget _empty code injection

A vulnerability was detected in Zytec Dalian Zhuoyun Technology Central Authentication Service up to 20251009. This vulnerability affects the function empty of the file /index.php/auth/widget. Performing manipulation of the argument get.layer/get.widget/get.action results in code injection. The...

6.5CVSS0.00345EPSS
Exploits0References4
CVE
CVE
added 2025/10/27 11:2 a.m.10 views

CVE-2025-12266

CVE-2025-12266 affects Zytec Dalian Zhuoyun Technology Central Authentication Service. The vulnerability is in the function _empty of /index.php/auth/widget; manipulation of the parameters get.layer, get.widget, and get.action can trigger remote code injection. The exploit is public and can be us...

6.5CVSS6.6AI score0.00345EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/27 3:30 a.m.5 views

EUVD-2025-35984

Improper Control of Generation of Code 'Code Injection' vulnerability in videowhisper Paid Videochat Turnkey Site ppv-live-webcams allows Remote Code Inclusion.This issue affects Paid Videochat Turnkey Site: from n/a through = 7.3.22...

9.1CVSS6.6AI score0.00417EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/27 3:30 a.m.5 views

EUVD-2025-36005

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Jthemes xSmart xsmart allows Code Injection.This issue affects xSmart: from n/a through = 1.2.9.4...

6AI score0.00238EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/27 3:30 a.m.6 views

EUVD-2025-36041

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Brecht WP Recipe Maker wp-recipe-maker allows Code Injection.This issue affects WP Recipe Maker: from n/a through = 10.1.1...

5.3CVSS6AI score0.00274EPSS
Exploits0References2
NVD
NVD
added 2025/10/27 2:15 a.m.7 views

CVE-2025-62936

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Jthemes xSmart xsmart allows Code Injection.This issue affects xSmart: from n/a through = 1.2.9.4...

4.3CVSS0.00238EPSS
Exploits0References1
NVD
NVD
added 2025/10/27 2:15 a.m.3 views

CVE-2025-62897

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Brecht WP Recipe Maker wp-recipe-maker allows Code Injection.This issue affects WP Recipe Maker: from n/a through 10.1.0...

5.3CVSS0.00274EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/27 1:34 a.m.10 views

CVE-2025-62959 WordPress Paid Videochat Turnkey Site plugin <= 7.3.23 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in videowhisper Paid Videochat Turnkey Site ppv-live-webcams allows Remote Code Inclusion.This issue affects Paid Videochat Turnkey Site: from n/a through = 7.3.23...

9.1CVSS0.00417EPSS
Exploits0References1
CVE
CVE
added 2025/10/27 1:34 a.m.16 views

CVE-2025-62959

CVE-2025-62959 concerns the Paid Videochat Turnkey Site (ppv-live-webcams) WordPress plugin. The vulnerability stems from improper control of code generation, enabling Remote Code Inclusion/Execution for versions up to 7.3.22 (Authenticated/Admin access). Red Hat and NVD entries corroborate the R...

9.1CVSS5.9AI score0.00417EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/27 1:34 a.m.3 views

CVE-2025-62959 WordPress Paid Videochat Turnkey Site plugin <= 7.3.23 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in videowhisper Paid Videochat Turnkey Site ppv-live-webcams allows Remote Code Inclusion.This issue affects Paid Videochat Turnkey Site: from n/a through = 7.3.23...

9.1CVSS5.3AI score0.00417EPSS
Exploits0References1
CVE
CVE
added 2025/10/27 1:34 a.m.28 views

CVE-2025-62936

CVE-2025-62936 concerns WordPress theme/plugin xSmart (WordPress Theme: xSmart) with versions up to and including 1.2.9.4. The issue is Improper Neutralization of Script-Related HTML Tags in a Web Page, i.e., a Basic XSS vulnerability that can enable Code Injection. The vulnerability affects the ...

4.3CVSS6.2AI score0.00238EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/27 1:33 a.m.1 views

CVE-2025-62897 WordPress WP Recipe Maker plugin < 10.1.0 - Content Injection vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Brecht WP Recipe Maker wp-recipe-maker allows Code Injection.This issue affects WP Recipe Maker: from n/a through 10.1.0...

5.3CVSS5.2AI score0.00274EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/27 12:0 a.m.5 views

Projectworlds Expense Management System 代码注入漏洞

Projectworlds Expense Management System is an open source expense management system from Projectworlds. A code injection vulnerability exists in Projectworlds Expense Management System version 1.0, which stems from an incorrect manipulation of an unknown function in the file...

4.8CVSS4.2AI score0.00235EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/10/27 12:0 a.m.3 views

projectworlds Expense Management System 代码注入漏洞

Projectworlds Expense Management System is an open source expense management system from Projectworlds. A code injection vulnerability exists in version 1.0 of the projectworlds Expense Management System, which stems from an incorrect manipulation of an unknown function in the file...

4.8CVSS4.2AI score0.00235EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/10/27 12:0 a.m.2 views

WordPress plugin WP Recipe Maker 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

5.3CVSS7.1AI score0.00274EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/27 12:0 a.m.5 views

OpenWGA 代码注入漏洞

OpenWGA is an OpenWGA open source content management system and web application development platform. A code injection vulnerability exists in OpenWGA version 7.11.12 Build 737, which stems from a cross-site scripting vulnerability in the Admin UI component...

5.1CVSS4.9AI score0.00227EPSS
Exploits0References4
Rows per page
Query Builder