36429 matches found
Lettura 代码注入漏洞
Lettura is an RSS reader developed by zhanglun. A code injection vulnerability exists in Lettura 0.1.22 and earlier versions, which originates from an incorrect operation of the src/components/ArticleView/ContentRender.tsx file of the component RSS Handler, and could lead to a cross-site scriptin...
Exploit for Code Injection in Microsoft
Reverse Shell-able Exploit POCs Sharing the list of Windows e...
Exploit for Code Injection in Microsoft
Reverse Shell-able Exploit POCs Sharing the list of Windows e...
Exploit for Code Injection in Symfony Twig
Successful Errors: New Code Injection and SSTI Techniques !R...
Arbitrary Code Injection
Overview signalk-server is an An implementation of a Signal K server for boats. Affected versions of this package are vulnerable to Arbitrary Code Injection via the appstore.js REST API endpoint, which allows the installation of npm packages using unsanitized version specifiers. An administrator...
Exploit for Code Injection in Apache Commons_Text
CVE-2022-42889-text4shell Description This script is a pe...
LigeroSmart 代码注入漏洞
LigeroSmart is a management platform for LigeroSmart open source. A code injection vulnerability exists in LigeroSmart versions 6.1.24 and earlier, which stems from the incorrect manipulation of the parameter REQUESTURI in the component Environment Variable Handler, and could lead to a cross-site...
QNAP Systems Malware Remover 代码注入漏洞
QNAP Systems Malware Remover is a built-in security application from Taiwan, China-based QNAP Systems. A code injection vulnerability exists in QNAP Systems Malware Remover, which stems from improper code generation controls that could lead to a bypass of protection mechanisms...
CVE-2025-15394
A vulnerability was detected in iCMS up to 8.0.0. Affected is the function Save of the file app/config/ConfigAdmincp.php of the component POST Parameter Handler. The manipulation of the argument config results in code injection. The attack can be launched remotely. The exploit is now public and m...
CVE-2025-15393
A security vulnerability has been detected in Kohana KodiCMS up to 13.82.135. This impacts the function Save of the file cms/modules/kodicms/classes/kodicms/model/file.php of the component Layout API Endpoint. The manipulation of the argument content leads to code injection. The attack can be...
Arbitrary Code Injection
Overview datamodel-code-generator is a Datamodel Code Generator Affected versions of this package are vulnerable to Arbitrary Code Injection due to improper sanitization of filenames used in generated headers. An attacker can provide a maliciously crafted filename containing Python syntax or esca...
Signal K Server 代码注入漏洞
Signal K Server is a ship centralized server for Signal K open source. A code injection vulnerability exists in Signal K Server versions prior to 2.19.0, which stems from the appstore interface passing version parameters directly to npm without cleaning them up, which could lead to arbitrary code...
PT-2026-1169
CVE-2025-22203 - Apache Struts Code Injection Vulnerability CVE ID : CVE-2025-22203 Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. Severity: 0.0 | NA...
wangmarket 代码注入漏洞
wangmarket is a privatized deploy your own SAAS cloud builder system for xnx3 individual developers in China. A code injection vulnerability exists in wangmarket 6.4 and earlier versions, which stems from the incorrect operation of the parameter Remark/Variable Value in the file /siteVar/save.do,...
EUVD-2025-206086
A vulnerability was detected in iCMS up to 8.0.0. Affected is the function Save of the file app/config/ConfigAdmincp.php of the component POST Parameter Handler. The manipulation of the argument config results in code injection. The attack can be launched remotely. The exploit is now public and m...
EUVD-2025-206088
A security vulnerability has been detected in Kohana KodiCMS up to 13.82.135. This impacts the function Save of the file cms/modules/kodicms/classes/kodicms/model/file.php of the component Layout API Endpoint. The manipulation of the argument content leads to code injection. The attack can be...
CVE-2025-15394
A vulnerability was detected in iCMS up to 8.0.0. Affected is the function Save of the file app/config/ConfigAdmincp.php of the component POST Parameter Handler. The manipulation of the argument config results in code injection. The attack can be launched remotely. The exploit is now public and m...
CVE-2025-15394
A vulnerability was detected in iCMS up to 8.0.0. Affected is the function Save of the file app/config/ConfigAdmincp.php of the component POST Parameter Handler. The manipulation of the argument config results in code injection. The attack can be launched remotely. The exploit is now public and m...
CVE-2025-15393
A security vulnerability has been detected in Kohana KodiCMS up to 13.82.135. This impacts the function Save of the file cms/modules/kodicms/classes/kodicms/model/file.php of the component Layout API Endpoint. The manipulation of the argument content leads to code injection. The attack can be...
CVE-2025-15393
A security vulnerability has been detected in Kohana KodiCMS up to 13.82.135. This impacts the function Save of the file cms/modules/kodicms/classes/kodicms/model/file.php of the component Layout API Endpoint. The manipulation of the argument content leads to code injection. The attack can be...