PT-2025-51761

NVIDIA NeMo Framework for all platforms contains a vulnerability where malicious data created by an attacker may cause a code injection. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering...

PT-2025-51404

Name of the Vulnerable Software and Affected Versions colabrio Norebro Extra versions through 1.6.8 Description The software contains an Improper Neutralization of Script-Related HTML Tags in a Web Page issue, which can lead to Code Injection. The issue is a Basic Cross-Site Scripting XSS...

DeepChat 代码注入漏洞

DeepChat is an intelligent assistant open-sourced by ThinkInAIXYZ. A code injection vulnerability exists in DeepChat versions prior to 0.5.3, which stems from a cross-site scripting issue in the Mermaid chart rendering component that could lead to remote code execution...

VulnCheck KEV: CVE-2021-34427

In Eclipse BIRT versions 4.8.0 and earlier, an attacker can use query parameters to create a JSP file which is accessible from remote current BIRT viewer dir to inject JSP code into the running instance...

Fickling has Code Injection vulnerability via pty.spawn()

Fickling Assessment Based on the test case provided in the original report below, this bypass was caused by pty missing from our block list of unsafe module imports as previously documented in 108, rather than the unused variable heuristic. This led to unsafe pickles based on pty.spawn being...

CVE-2025-14730

A security flaw has been discovered in CTCMS Content Management System up to 2.1.2. The impacted element is an unknown function in the library /ctcms/libs/CtConfig.php of the component Backend System Configuration Module. The manipulation of the argument CjAdd/CjEdit results in code injection. Th...

CVE-2025-14730

A security flaw has been discovered in CTCMS Content Management System up to 2.1.2. The impacted element is an unknown function in the library /ctcms/libs/CtConfig.php of the component Backend System Configuration Module. The manipulation of the argument CjAdd/CjEdit results in code injection. Th...

CVE-2025-14729

A vulnerability was identified in CTCMS Content Management System up to 2.1.2. The affected element is the function Save of the file /ctcms/libs/CtApp.php of the component Backend App Configuration Module. The manipulation of the argument CTAppPaytype leads to code injection. Remote exploitation ...

CVE-2025-14729

A vulnerability was identified in CTCMS Content Management System up to 2.1.2. The affected element is the function Save of the file /ctcms/libs/CtApp.php of the component Backend App Configuration Module. The manipulation of the argument CTAppPaytype leads to code injection. Remote exploitation ...

CVE-2025-14730

CVE-2025-14730 affects CTCMS Content Management System up to version 2.1.2, focusing on an unknown function in /ctcms/libs/Ct_Config.php. Manipulation of the Cj_Add/Cj_Edit argument leads to code injection, enabling remote execution. The issue is associated with the Backend System Configuration M...

CVE-2025-14730 CTCMS Content Management System Backend System Configuration Ct_Config.php code injection

A security flaw has been discovered in CTCMS Content Management System up to 2.1.2. The impacted element is an unknown function in the library /ctcms/libs/CtConfig.php of the component Backend System Configuration Module. The manipulation of the argument CjAdd/CjEdit results in code injection. Th...

CVE-2025-14730 CTCMS Content Management System Backend System Configuration Ct_Config.php code injection

A security flaw has been discovered in CTCMS Content Management System up to 2.1.2. The impacted element is an unknown function in the library /ctcms/libs/CtConfig.php of the component Backend System Configuration Module. The manipulation of the argument CjAdd/CjEdit results in code injection. Th...

CVE-2025-14729 CTCMS Content Management System Backend App Configuration Ct_App.php save code injection

A vulnerability was identified in CTCMS Content Management System up to 2.1.2. The affected element is the function Save of the file /ctcms/libs/CtApp.php of the component Backend App Configuration Module. The manipulation of the argument CTAppPaytype leads to code injection. Remote exploitation ...

CVE-2025-14729

CVE-2025-14729 affects CTCMS Content Management System up to version 2.1.2. The vulnerability resides in the Save function of /ctcms/libs/Ct_App.php, in the Backend App Configuration Module, where manipulating the CT_App_Paytype argument enables code injection. Remote exploitation is possible and...

CVE-2025-14729 CTCMS Content Management System Backend App Configuration Ct_App.php save code injection

A vulnerability was identified in CTCMS Content Management System up to 2.1.2. The affected element is the function Save of the file /ctcms/libs/CtApp.php of the component Backend App Configuration Module. The manipulation of the argument CTAppPaytype leads to code injection. Remote exploitation ...

Exploit for Code Injection in Apache Dolphinscheduler

No d...

CLSA-2025-1765801059 python-setuptools: Fix of 2 CVEs

CVE-2024-6345: fix code injection vulnerability in package download functions - CVE-2025-47273: fix path traversal in PackageIndex.download leading to arbitrary file write...

CTCMS 代码注入漏洞

CTCMS Chibi CMS is a video content management system from China Chibi CMS CTCMS company. A code injection vulnerability exists in CTCMS 2.1.2 and earlier versions, which stems from the improper handling of the parameter CjAdd/CjEdit by the unknown function in the file /ctcms/libs/CtConfig.php,...

CTCMS 代码注入漏洞

CTCMS Chibi CMS is a video content management system from China Chibi CMS CTCMS company. A code injection vulnerability exists in CTCMS 2.1.2 and earlier versions, which originates from improper handling of the parameter CTAppPaytype in the Save function in the file /ctcms/libs/CtApp.php, which m...

PT-2025-51319

Name of the Vulnerable Software and Affected Versions CTCMS Content Management System versions up to 2.1.2 Description A code injection issue exists in CTCMS Content Management System. The issue is located in the Save function within the /ctcms/libs/Ct App.php file of the Backend App Configuratio...