📄 Vvveb CMS 1.0.5 Remote Code Execution

Vvveb CMS is vulnerable to code injection via the Code Editor functionality. Unsanitized editing functionality allows attacker-controlled changes to existing files on the web-accessible filesystem, allowing remote authenticated attackers with access to the Code Editor to achieve code execution wh...

EUVD-2012-6600

Malware in sbrugna...

EUVD-2025-25612

Malicious code in bioql PyPI...

EUVD-2025-23568

Malicious code in bioql PyPI...

EUVD-2024-43133

Malicious code in bioql PyPI...

EUVD-2025-23407

Malicious code in bioql PyPI...

EUVD-2025-23569

Malicious code in bioql PyPI...

EUVD-2025-23408

Malicious code in bioql PyPI...

EUVD-2025-18134

Malicious code in bioql PyPI...

EUVD-2025-23405

Malicious code in bioql PyPI...

WordPress plugin File Manager, Code Editor, and Backup by Managefy 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform has the ability to host a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosu...

PT-2025-40060

Name of the Vulnerable Software and Affected Versions The File Manager, Code Editor, and Backup by Managefy plugin for WordPress versions prior to 1.6.2 Description The plugin is susceptible to a sensitive information exposure issue due to publicly exposed log files. This allows unauthenticated...

WordPress plugin File Manager, Code Editor, and Backup by Managefy 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A path traversal vulnerability exis...

CVE-2012-10054

Umbraco CMS versions prior to 4.7.1 are vulnerable to unauthenticated remote code execution via the codeEditorSave.asmx SOAP endpoint, which exposes a SaveDLRScript operation that permits arbitrary file uploads without authentication. By exploiting a path traversal flaw in the fileName parameter,...

CVE-2012-10054 Umbraco CMS < 4.7.1 codeEditorSave.asmx RCE

Umbraco CMS versions prior to 4.7.1 are vulnerable to unauthenticated remote code execution via the codeEditorSave.asmx SOAP endpoint, which exposes a SaveDLRScript operation that permits arbitrary file uploads without authentication. By exploiting a path traversal flaw in the fileName parameter,...

CVE-2012-10054

Umbraco CMS

CVE-2012-10054

Umbraco CMS versions prior to 4.7.1 are vulnerable to unauthenticated remote code execution via the codeEditorSave.asmx SOAP endpoint, which exposes a SaveDLRScript operation that permits arbitrary file uploads without authentication. By exploiting a path traversal flaw in the fileName parameter,...

Umbraco CMS 安全漏洞

Umbraco CMS is a content management system from Umbraco, Denmark. A security vulnerability exists in Umbraco CMS versions prior to 4.7.1, which stems from the presence of path traversal in the codeEditorSave.asmx endpoint, which could lead to remote code execution...

CVE-2025-55012 Zed AI Agent Remote Code Execution

Zed is a multiplayer code editor. Prior to version 0.197.3, in the Zed Agent Panel allowed for an AI agent to achieve Remote Code Execution RCE by bypassing user permission checks. An AI Agent could have exploited a permissions bypass vulnerability to create or modify a project-specific...

CVE-2025-54135

Cursor is a code editor built for programming with AI. Cursor allows writing in-workspace files with no user approval in versions below 1.3.9, If the file is a dotfile, editing it requires approval but creating a new one doesn't. Hence, if sensitive MCP files, such as the .cursor/mcp.json file...