217 matches found
WordPress plugin Webling 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...
PT-2026-30708
Name of the Vulnerable Software and Affected Versions Anthropic Claude Code CLI and Claude Agent SDK affected versions not specified Description Anthropic Claude Code CLI and Claude Agent SDK contain an OS command injection issue in authentication helper execution. Helper configuration values are...
Ech0: Unauthenticated SSRF in GetWebsiteTitle allows access to internal services and cloud metadata
Summary The GET /api/website/title endpoint accepts an arbitrary URL via the websiteurl query parameter and makes a server-side HTTP request to it without any validation of the target host or IP address. The endpoint requires no authentication. An attacker can use this to reach internal network...
EUVD-2026-17129
MRCMS V3.1.2 contains an unauthenticated directory enumeration vulnerability in the file management module. The /admin/file/list.do endpoint lacks authentication controls and proper input validation, allowing remote attackers to enumerate directory contents on the server without any credentials...
CVE-2026-29909
MRCMS V3.1.2 contains an unauthenticated directory enumeration vulnerability in the file management module. The /admin/file/list.do endpoint lacks authentication controls and proper input validation, allowing remote attackers to enumerate directory contents on the server without any credentials...
postgresql: PostgreSQL intarray missing validation of type of input to selectivity estimator executes arbitrary code
A type validation flaw has been discovered in PostgreSQL. Missing validation of type of input in PostgreSQL intarray extension selectivity estimator function allows an object creator to execute arbitrary code as the operating system user running the database...
GHSA-364Q-W7VH-VHPC OliveTin's unsafe parsing of UniqueTrackingId can be used to write files
When the saveLogs feature is enabled, OliveTin persists execution log entries to disk. The filename used for these log files is constructed in part from the user-supplied UniqueTrackingId field in the StartAction API request. This value is not validated or sanitized before being used in a file...
CVE-2026-25570
A vulnerability has been identified in SICAM SIAPP SDK All versions V2.1.7. The SICAM SIAPP SDK does not perform checks on input values potentially resulting in stack overflow. This could allow an attacker to perform code execution and denial of service...
CVE-2026-24105
An issue was discovered in goform/formsetUsbUnload in Tenda AC15V1.0 V15.03.05.18multi. The value of v1 was not checked, potentially leading to a command injection vulnerability if injected into doSystemCmd...
EUVD-2018-21615
HTTP::Session2 versions through 1.09 for Perl does not validate the format of user provided session ids, enabling code injection or other impact depending on session backend. For example, if an application uses memcached for session storage, then it may be possible for a remote attacker to inject...
openDCIM 操作系统命令注入漏洞
openDCIM is an open-source data center inventory management DCIM application. Version 23.04 of openDCIM contains a vulnerability related to operating system command injection. This vulnerability stems from the lack of validation or cleanup of user input in the reportnetworkmap.php file, which may...
CVE-2025-56605
A reflected Cross-Site Scripting XSS vulnerability exists in the register.php backend script of PuneethReddyHC Event Management System 1.0. The mobile POST parameter is improperly validated and echoed back in the HTTP response without sanitization, allowing an attacker to inject and execute...
CVE-2026-25814
PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, User-controlled query parameters are passed directly into DynamoDB query/filter construction without validation or sanitization...
CVE-2025-65264
The kernel driver of CPUID CPU-Z v2.17 and earlier does not validate user-supplied values passed via its IOCTL interface, allowing an attacker to access sensitive information via a crafted request...
ALGO 8180 IP Audio Alerter: Cross-site scripting vulnerability
ALGO 8180 IP Audio Alerter is an IP speaker developed by ALGO Corporation. The ALGO 8180 IP Audio Alerter has a cross-site scripting vulnerability. This vulnerability stems from the lack of validation of user input during the system log viewing function, which may lead to storage-based cross-site...
PT-2026-3554
HTML injection vulnerability in multiple Botble products such as TransP, Athena, Martfury, and Homzen, consisting of an HTML injection due to a lack of proper validation of user input by sending a request to '/search' using the 'q' parameter...
CVE-2025-40977 Multiple vulnerabilities in WorkDo products
Stored Cross-Site Scripting XSS vulnerability in WorkDo's eCommerceGo SaaS, consisting of a lack of proper validation of user input by sending a POST request to ‘/store-ticket’, using the ‘subject’ and ‘description’ parameters...
CVE-2023-40800
The compareparentcontroltime function does not authenticate user input parameters, resulting in a post-authentication stack overflow vulnerability in Tenda AC23 v16.03.07.45cn...
CVE-2025-66203
StreamVault is a video download integration solution. Prior to version 251126, a Remote Code Execution RCE vulnerability exists in the stream-vault application SpiritApplication. The application allows administrators to configure yt-dlp arguments via the /admin/api/saveConfig endpoint without...
📄 YOURLS 1.8.2 SQL Injection
Proof of concept for a remote SQL injection vulnerability in YOURLS version 1.8.2. ============================================================================================================================================= | Title : YOURLS 1.8.2 SQL Injection & System Compromise in Administrati...