2 matches found
CVE-2025-3466
langgenius/dify versions 1.1.0 to 1.1.2 are vulnerable to unsanitized input in the code node, allowing execution of arbitrary code with full root permissions. The vulnerability arises from the ability to override global functions in JavaScript, such as parseInt, before sandbox security restrictio...
CMSQLite - SQL Injection
CMSQLite - SQL Injection Vulnerability ID: HTB22462 Reference: http://www.htbridge.ch/advisory/sqlinjectionvulnerabilityincmsqlite1.html Product: CMSQLite Vendor: CMSQLite-Team Vulnerable Version: 1.3 and Probably Prior Versions Vendor Notification: 29 June 2010 Vulnerability Type: SQL Injection...