CVE-2026-7677 kerwincui FastBee System Notice SysNoticeController.java add cross site scripting

A vulnerability was determined in kerwincui FastBee up to 1.2.1. The impacted element is the function Add of the file springboot/fastbee-admin/src/main/java/com/fastbee/web/controller/system/SysNoticeController.java of the component System Notice Handler. This manipulation of the argument...

CVE-2026-2850

A vulnerability was found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This affects the function addCustomer/updateCustomer/deleteCustomer of the file dataset\repos\warehouse\src\main\java\com\yeqifu\bus\controller\CustomerController.java of the component Customer Endpoint...

CVE-2025-64048

Affected software/component: YCCMS 3.4, specifically the article management functionality in ArticleAction.class.php. Vulnerability: Stored cross-site scripting (XSS) in the article title input. The root cause is improper neutralization/validation of user-supplied data in the add() and getPost() ...

EUVD-2020-14418

Malware in sbrugna...

EUVD-2020-14419

Malware in sbrugna...

CVE-2020-21650

Myucms v2.2.1 contains a remote code execution RCE vulnerability in the component \controller\Config.php, which can be exploited via the add method...

CVE-2020-21651

Myucms v2.2.1 contains a remote code execution RCE vulnerability in the component \controller\point.php, which can be exploited via the add method...

PT-2025-15249 · Ruoyi · Ruoyi

Name of the Vulnerable Software and Affected Versions: RUoYi version 4.8.0 Description: An issue in RUoYi allows a remote attacker to escalate privileges via the add method of the "/add/parentId" endpoint, which does not properly validate whether the requesting user has permission to add a menu...

SQL Injection

Overview Affected versions of this package are vulnerable to SQL Injection due to improper authorization via the add method in controller\Index.php file. An attacker can manipulate SQL queries and access or modify data in the database. Remediation There is no fixed version for funadmin/funadmin...

Apfloat 安全漏洞

Apfloat is a high-performance arbitrary-precision arithmetic library from the individual developer Mikko Tommila. A security vulnerability exists in Apfloat version v1.10.1, which stems from a null pointer exception contained in the component org.apfloat.internal.DoubleCRTMath adddouble, double...

VulnCheck KEV: CVE-2020-21650

Myucms v2.2.1 contains a remote code execution RCE vulnerability in the component \controller\Config.php, which can be exploited via the add method...

CVE-2020-21650

Myucms v2.2.1 contains a remote code execution RCE vulnerability in the component \controller\Config.php, which can be exploited via the add method...

CVE-2020-21650

Myucms v2.2.1 contains a remote code execution RCE vulnerability in the component \controller\Config.php, which can be exploited via the add method...

CVE-2020-21651

Myucms v2.2.1 contains a remote code execution RCE vulnerability in the component \controller\point.php, which can be exploited via the add method...

CVE-2020-21651

Myucms v2.2.1 contains a remote code execution RCE vulnerability in the component \controller\point.php, which can be exploited via the add method...

Remote code execution

Myucms v2.2.1 contains a remote code execution RCE vulnerability in the component \controller\Config.php, which can be exploited via the add method...

Remote code execution

Myucms v2.2.1 contains a remote code execution RCE vulnerability in the component \controller\point.php, which can be exploited via the add method...

CVE-2020-21651

Myucms v2.2.1 contains a remote code execution RCE vulnerability in the component \controller\point.php, which can be exploited via the add method...

CVE-2020-21650

CVE-2020-21650 concerns Myucms v2.2.1 with a remote code execution vulnerability in the component \controller\Config.php , exploitable via the add() method. The connected sources consistently identify an RCE condition but do not provide specific root-cause details or official patch versions. Some...

CVE-2020-21650

Myucms v2.2.1 contains a remote code execution RCE vulnerability in the component \controller\Config.php, which can be exploited via the add method...