WordPress plugin Broadcast Live Video 代码注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code injection...

Roundcube Webmail 安全漏洞

Roundcube Webmail is an open source browser-based open source IMAP client from Roundcube that supports address book management, message searching, spell checking and more. A security vulnerability exists in Roundcube Webmail versions prior to 1.6.x 1.6.16 and 1.7.x 1.7.1 that stems from insecure...

Code-Projects Employee Management System 代码注入漏洞

Code-Projects Employee Management System is a Code-Projects open source employee management system. A code injection vulnerability exists in code-projects Employee Management System version 1.0, which originates from the manipulation of the parameter ID by an unknown function in the /applyleave.p...

SB Admin 代码注入漏洞

SB Admin is a Bootstrap based open source admin backend template by Yash Pokharna individual developer. SB Admin suffers from a code injection vulnerability that stems from manipulation of the parameter FIRSTNAME in the file /student.php, which could lead to a cross-site scripting attack. An...

SourceCodester Student Grades Management System 代码注入漏洞

SourceCodester Student Grades Management System is a SourceCodester open source student grades management system . SourceCodester Student Grades Management System version 1.0 has a code injection vulnerability , the vulnerability stems from the operation of the parameter Remarks in the file...

Code-Projects Employee Management System 代码注入漏洞

Code-Projects Employee Management System is a Code-Projects open source employee management system . A code injection vulnerability exists in code-projects Employee Management System version 1.0, which originates from manipulation of the parameter ID in the file /eloginwel.php, and could lead to...

Code-Projects Employee Management System 代码注入漏洞

Code-Projects Employee Management System is a Code-Projects open source employee management system . A code injection vulnerability exists in Code-Projects Employee Management System version 1.0, which originates from manipulation of the parameter ID in file /myprofile.php and could lead to...

SourceCodester Indian Invoicing System 代码注入漏洞

SourceCodester Indian Invoicing System is a SourceCodester open source Indian invoicing system. A code injection vulnerability exists in SourceCodester Indian Invoicing System version 1.0, which stems from manipulation of the parameter msg in the file /Invoicing/category.php, and could lead to...

CVE-2026-9353

A security vulnerability has been detected in NousResearch hermes-agent up to 2026.4.23. Impacted is an unknown function of the file agent/skillsguard.py of the component Skills Guard Multi-Word Prompt Handler. The manipulation of the argument THREATPATTERNS leads to injection. Remote exploitatio...

SourceCodester SUP Online Shopping 代码注入漏洞

SourceCodester SUP Online Shopping is an open-source online shopping system developed by SourceCodester. Version 1.0 of SourceCodester SUP Online Shopping contains a code injection vulnerability. This vulnerability arises from improper handling of the productName parameter in the file...

vBulletin 代码注入漏洞

vBulletin is an open-source web forum software based on PHP and MySQL developed by vBulletin Inc. Version vBulletin 6.x has a code injection vulnerability, which stems from improper operation of the Login component and may lead to cross-site scripting attacks...

UBUNTU-CVE-2018-25357

Dolibarr ERP CRM 7.0.3 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting PHP code through the dbname parameter. Attackers can send a POST request to install/step1.php with malicious PHP code in the dbname parameter, then...

CVE-2018-25357

Dolibarr ERP CRM 7.0.3 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting PHP code through the dbname parameter. Attackers can send a POST request to install/step1.php with malicious PHP code in the dbname parameter, then...

CVE-2018-25357

Dolibarr ERP CRM 7.0.3 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting PHP code through the dbname parameter. Attackers can send a POST request to install/step1.php with malicious PHP code in the dbname parameter, then...

CVE-2026-9302

A vulnerability was determined in 546669204 vps-inventory-monitoring up to 98c00b370668c96ae75e91c15548d9ea113652d9. This issue affects the function eval of the file app/index/command/VpsTest.php of the component VpsTest Console. Executing a manipulation of the argument vf can lead to code...

CVE-2026-9302 546669204 vps-inventory-monitoring VpsTest Console VpsTest.php eval code injection

A vulnerability was determined in 546669204 vps-inventory-monitoring up to 98c00b370668c96ae75e91c15548d9ea113652d9. This issue affects the function eval of the file app/index/command/VpsTest.php of the component VpsTest Console. Executing a manipulation of the argument vf can lead to code...

EUVD-2026-31537

A vulnerability was determined in 546669204 vps-inventory-monitoring up to 98c00b370668c96ae75e91c15548d9ea113652d9. This issue affects the function eval of the file app/index/command/VpsTest.php of the component VpsTest Console. Executing a manipulation of the argument vf can lead to code...

CVE-2026-9302 546669204 vps-inventory-monitoring VpsTest Console VpsTest.php eval code injection

A vulnerability was determined in 546669204 vps-inventory-monitoring up to 98c00b370668c96ae75e91c15548d9ea113652d9. This issue affects the function eval of the file app/index/command/VpsTest.php of the component VpsTest Console. Executing a manipulation of the argument vf can lead to code...

CVE-2026-9302

546669204 vps-inventory-monitoring (VpsTest Console) is affected via the VpsTest.php file’s eval usage. The vulnerability arises from manipulating the argument vf in the function eval, allowing remote code execution. Public exploit exists. The project uses a rolling release, and the CVE record do...

vps-inventory-monitoring 代码注入漏洞

vps-inventory-monitoring is a web inventory monitoring tool developed by individual developer 546669204. vps-inventory-monitoring has a code injection vulnerability, which stems from the use of the eval function in the VpsTest Console component file app/index/command/VpsTest.php, specifically...