2432 matches found
CVE-2011-10026
Spreecommerce versions prior to 0.50.x contain a remote command execution vulnerability in the API's search functionality. Improper input sanitation allows attackers to inject arbitrary shell commands via the searchinstanceeval parameter, which is dynamically invoked using Ruby’s send method. Thi...
CVE-2025-50567
Saurus CMS Community Edition 4.7.1 contains a vulnerability in the custom DB::prepare function, which uses preg_replace with the deprecated /e eval modifier to interpolate SQL query parameters. This leads to injection of user-controlled SQL statements, potentially leading to arbitrary PHP code...
CVE-2025-50567
Saurus CMS Community Edition 4.7.1 has a vulnerability in the custom DB::prepare() function that uses preg_replace() with the deprecated /e (eval) modifier to interpolate SQL query parameters. This allows injecting user-controlled SQL statements, potentially leading to arbitrary PHP code executio...
CVE-2025-55585
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain an eval injection vulnerability via the eval function...
Linux Distros Unpatched Vulnerability : CVE-2018-1999022
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PEAR HTML_QuickForm version 3.2.14 contains an eval injection (CWE-95) vulnerability in HTML_QuickForm's getSubmitValue method, HTML_QuickForm's validate method,...
TOTOLINK A3002R Security Vulnerability
The TOTOLINK A3002R is a wireless router manufactured by China's Gion Electronics TOTOLINK, whose main function is to provide wireless network connectivity for home or small office environments. TOTOLINK A3002R suffers from a command injection vulnerability that stems from the presence of command...
Linux Distros Unpatched Vulnerability : CVE-2024-41921
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A code injection vulnerability has been discovered in the Robot Operating System ROS 'rostopic' command-line tool, affecting ROS distributions Noetic Ninjemys...
Malicious code in sutter-health-eval (npm)
The package sutter-health-eval was found to contain malicious code...
Malicious code in mongodb-chatbot-eval (npm)
The package mongodb-chatbot-eval was found to contain malicious code...
Malicious code in mergequeue-eval-mergequeue (npm)
The package mergequeue-eval-mergequeue was found to contain malicious code...
MAL-2025-26635 Malicious code in mongodb-chatbot-eval (npm)
The package mongodb-chatbot-eval was found to contain malicious code...
MAL-2025-26203 Malicious code in mergequeue-eval-mergequeue (npm)
The package mergequeue-eval-mergequeue was found to contain malicious code...
MAL-2025-34244 Malicious code in sutter-health-eval (npm)
The package sutter-health-eval was found to contain malicious code...
Exploit for CVE-2025-50881
CVE-2025-50881: Remote Code Execution in API Use it Flow via m...
Linux Distros Unpatched Vulnerability : CVE-2024-41148
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A code injection vulnerability has been discovered in the Robot Operating System ROS 'rostopic' command-line tool, affecting ROS distributions Noetic Ninjemys...
BIT-LIBPYTHON-2020-27619
In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK codec tests call eval on content retrieved via HTTP...
Linux Distros Unpatched Vulnerability : CVE-2024-39289
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A code execution vulnerability has been discovered in the Robot Operating System ROS 'rosparam' tool, affecting ROS distributions Noetic Ninjemys and earlier. T...
Linux Distros Unpatched Vulnerability : CVE-2020-15664
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - By holding a reference to the eval function from an about:blank window, a malicious webpage could have gained access to the InstallTrigger object which would...