Page 3 of 57575 results (0.035 seconds)

CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 1

07 Jul 2025 — This vulnerability affects unknown code of the file /intranet/educar_curso_det.php? • https://github.com/RaulPazemecxas/PoCVulDb/blob/main/README13.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 1

07 Jul 2025 — A vulnerability, which was classified as problematic, was found in Portabilis i-Educar 2.9.0. This affects an unknown part of the file /intranet/educar_escola_lst.php of the component School Module. The manipulation of the argument Escola leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/RaulPazemecxas/PoCVulDb/blob/main/README12.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 1

07 Jul 2025 — Davon betroffen ist unbekannter Code der Datei /intranet/educar_aluno_beneficio_lst.php der Komponente Student Benefits Registration. • https://github.com/RaulPazemecxas/PoCVulDb/blob/main/README11.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 6.5EPSS: 0%CPEs: -EXPL: 1

07 Jul 2025 — The manipulation of the argument db_pass leads to code injection. It is possible to initiate the attack remotely. ... Durch Manipulieren des Arguments db_pass mit unbekannten Daten kann eine code injection-Schwachstelle ausgenutzt werden. • https://note-hxlab.wetolink.com/share/6wemW8CnOMbu • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0

07 Jul 2025 — Insufficient security mechanisms for created containers in educoder challenges v1.0 allow attackers to execute arbitrary code via injecting crafted content into a container. • https://github.com/YX-hueimie/CVE-Issues/blob/main/CVE-2025-45479.md •

CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0

07 Jul 2025 — The The Woodmart theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 8.2.3. ... This makes it possible for unauthenticated attackers to execute arbitrary shortcodes. • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 7.3EPSS: 0%CPEs: -EXPL: 0

07 Jul 2025 — An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AppServer service. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of a target user. •

CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0

07 Jul 2025 — This vulnerability allows remote attackers to execute arbitrary code on affected installations of INVT HMITool. ... An attacker can leverage this vulnerability to execute code in the context of the current process. •

CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0

07 Jul 2025 — This vulnerability allows remote attackers to execute arbitrary code on affected installations of INVT HMITool. ... An attacker can leverage this vulnerability to execute code in the context of the current process. •

CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0

07 Jul 2025 — This vulnerability allows remote attackers to execute arbitrary code on affected installations of INVT HMITool. ... An attacker can leverage this vulnerability to execute code in the context of the current process. •