CVE-2026-7687 langflow-ai langflow Full Builtins code_parser.py CodeParser.parse_callable_details command injection

A vulnerability was determined in langflow-ai langflow up to 1.8.4. Affected by this issue is the function CodeParser.parsecallabledetails of the file src/lfx/src/lfx/custom/codeparser/codeparser.py of the component Full Builtins Module Handler. Executing a manipulation can lead to command...

Langflow 注入漏洞

Langflow is an open-source visualization framework developed by Langflow for building multi-agent and RAG applications. Versions of Langflow 1.8.4 and earlier have a injection vulnerability, which stems from a function in the component Full Builtins Module Handler: CodeParser.parsecallabledetails...

CVE-2026-1154

A flaw has been found in SourceCodester E-Learning System 1.0. This impacts an unknown function of the file /admin/modules/lesson/index.php of the component Lesson Module Handler. Executing a manipulation of the argument Title/Description can lead to basic cross site scripting. The attack can be...

EUVD-2026-3219

A flaw has been found in SourceCodester E-Learning System 1.0. This impacts an unknown function of the file /admin/modules/lesson/index.php of the component Lesson Module Handler. Executing a manipulation of the argument Title/Description can lead to basic cross site scripting. The attack can be...

EUVD-2024-49078

Malicious code in bioql PyPI...

CVE-2025-8772

A vulnerability, which was classified as problematic, has been found in Vinades NukeViet up to 4.5.06. This issue affects some unknown processing of the file /admin/index.php?language=en=upload of the component Module Handler. The manipulation leads to server-side request forgery. The attack may ...

CVE-2025-8772

A vulnerability, which was classified as problematic, has been found in Vinades NukeViet up to 4.5.06. This issue affects some unknown processing of the file /admin/index.php?language=en&nv=upload of the component Module Handler. The manipulation leads to server-side request forgery. The attack m...

CVE-2025-8772 Vinades NukeViet Module index.php server-side request forgery

A vulnerability, which was classified as problematic, has been found in Vinades NukeViet up to 4.5.06. This issue affects some unknown processing of the file /admin/index.php?language=en&nv=upload of the component Module Handler. The manipulation leads to server-side request forgery. The attack m...

CVE-2025-8772 Vinades NukeViet Module index.php server-side request forgery

A vulnerability, which was classified as problematic, has been found in Vinades NukeViet up to 4.5.06. This issue affects some unknown processing of the file /admin/index.php?language=en&nv=upload of the component Module Handler. The manipulation leads to server-side request forgery. The attack m...

CVE-2025-8772

Vinades NukeViet up to version 4.5.06 contains a server-side request forgery (SSRF) in the Module Handler’s file path /admin/index.php?language=en&nv=upload. A remote attacker could exploit this via unknown processing of that file path, with exploitation reportedly disclosed publicly. Several sou...

CVE-2024-8304

A vulnerability has been found in jpress up to 5.1.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/template/edit of the component Template Module Handler. The manipulation leads to path traversal. The attack can be launched remotely. The...

CVE-2024-8304

A vulnerability has been found in jpress up to 5.1.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/template/edit of the component Template Module Handler. The manipulation leads to path traversal. The attack can be launched remotely. The...

CVE-2024-8304 jpress Template Module edit path traversal

A vulnerability has been found in jpress up to 5.1.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/template/edit of the component Template Module Handler. The manipulation leads to path traversal. The attack can be launched remotely. The...

PT-2024-38929 · Jpress · Jpress

Name of the Vulnerable Software and Affected Versions: jpress versions up to 5.1.1 Description: A critical vulnerability has been found in the Template Module Handler component of jpress, affecting an unknown functionality of the file /admin/template/edit. The manipulation leads to path traversal...

The vulnerability of the php_handler function (sapi/apache2handler/sapi_apache2.c) in the PHP programming language allows a perpetrator to execute arbitrary code.

The vulnerability of the phphandler function sapi/apache2handler/sapiapache2.c in the Apache HTTP Server, a PHP programming language interpreter, exists due to insufficient validation of input data. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...