OS Command Injection

@siteboon/claude-code-ui is vulnerable to OS Command Injection. The vulnerability is due to the use of execAsync with string interpolation of user-controlled Git parameters such as file, branch, message, and commit, which allows an authenticated attacker to execute arbitrary OS commands...

CVE-2026-31940

Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, in main/lp/aicchacp.php, user-controlled request parameters are directly used to set the PHP session ID before loading global bootstrap. This leads to session fixation. This vulnerability is fixed in 1.11.38 and...

CVE-2026-31940

Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, in main/lp/aicchacp.php, user-controlled request parameters are directly used to set the PHP session ID before loading global bootstrap. This leads to session fixation. This vulnerability is fixed in 1.11.38 and...

Nuxt OG Image vulnerable to Server-Side Request Forgery via user-controlled parameters

Product: Nuxt OG Image Version: injection via html parameter GET /og/d/og.png?html= When verbose errors are enabled, the response content is leaked in base64-encoded error messages. Vector 3: SVG injection via html parameter GET /og/d/og.png?html= Mitigation Fixed in v6.2.5. The image source plug...

WordPress plugin SureForms 输入验证错误漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

CVE-2026-31862 Cloud CLI has Command Injection via Multiple Parameters

Cloud CLI aka Claude Code UI is a desktop and mobile UI for Claude Code, Cursor CLI, Codex, and Gemini-CLI. Prior to 1.24.0, multiple Git-related API endpoints use execAsync with string interpolation of user-controlled parameters file, branch, message, commit, allowing authenticated attackers to...

CVE-2018-1000648

LibreHealthIO lh-ehr version REL-2.0.0 contains a Authenticated Unrestricted File Write vulnerability in Patient file letter functions that can result in Write files with malicious content and may lead to remote code execution. This attack appear to be exploitable via User controlled parameters...

CVE-2025-60799

phpPgAdmin 7.13.0 and earlier contains an incorrect access control vulnerability in sql.php at lines 68-76. The application allows unauthorized manipulation of session variables by accepting user-controlled parameters 'subject', 'server', 'database', 'queryid' without proper validation or access...

AZL-76440 CVE-2025-39967 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: fbcon: fix integer overflow in fbcondosetfont Fix integer overflow vulnerabilities in fbcondosetfont where font size calculations could overflow when handling user-controlled font parameters. The vulnerabilities occur when: 1...

CVE-2025-39967 fbcon: fix integer overflow in fbcon_do_set_font

In the Linux kernel, the following vulnerability has been resolved: fbcon: fix integer overflow in fbcondosetfont Fix integer overflow vulnerabilities in fbcondosetfont where font size calculations could overflow when handling user-controlled font parameters. The vulnerabilities occur when: 1...

CVE-2025-39967

CVE-2025-39967 affects the Linux kernel, specifically a vulnerability in fbcon_do_set_font where integer overflow in font size calculations could occur when processing user-controlled parameters. The issue stems from unsafe size calculations in CALC_FONTSZ(h, pitch, charcount) and related allocat...

EUVD-2018-1979

Malware in sbrugna...

EUVD-2022-32819

Malicious code in bioql PyPI...

PT-2025-28950 · Ruckus +1 · Smartzone +2

Name of the Vulnerable Software and Affected Versions: RUCKUS SmartZone SZ versions prior to 6.1.2p3 Refresh Build Description: RUCKUS SmartZone SZ is susceptible to an OS command injection issue through a specific parameter within an API route. Recommendations: Update RUCKUS SmartZone SZ to...

CVE-2021-31986

User controlled parameters related to SMTP notifications are not correctly validated. This can lead to a buffer overflow resulting in crashes and data leakage...

CVE-2018-1000650

LibreHealthIO lh-ehr version REL-2.0.0 contains a SQL Injection vulnerability in Show Groups Popup SQL query functions that can result in Ability to perform malicious database queries. This attack appear to be exploitable via User controlled parameters...

CVE-2023-2142 Nunjucks autoescape bypass leads to cross site scripting

In Nunjucks versions prior to version 3.2.4, it was possible to bypass the restrictions which are provided by the autoescape functionality. If there are two user-controlled parameters on the same line used in the views, it was possible to inject cross site scripting payloads using the backslash ...

PHP 安全漏洞

PHP is a scripting language in which PHP is executed server-side. A security vulnerability exists in PHP that originates when using the procopen command with array syntax, due to insufficient escaping, which allows a user to supply parameters to execute arbitrary commands in the Windows shell if...

Cross-Site Scripting (XSS)

nunjucks is vulnerable to Cross-Site Scripting XSS. The vulnerability is caused by a bypass of the html autoescape functionality when there are two user controlled parameters on the same line of a template, which allows an attacker to inject and execute arbitrary JavaScript into the browser...

PT-2023-18187 · Nunjucks +1 · Nunjucks +1

Name of the Vulnerable Software and Affected Versions: Nunjucks versions prior to 3.2.4 Description: The issue allows bypassing the restrictions provided by the autoescape functionality in Nunjucks. If two user-controlled parameters are on the same line in the views, it is possible to inject...