CWE-94
Allowed-with-ReviewImproper Control of Generation of Code ('Code Injection')
Abstraction: Base · Status: Draft
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
8306 vulnerabilities reference this CWE, most recent first.
CVE-2026-4225 (GCVE-0-2026-4225)
Vulnerability from cvelistv5 – Published: 2026-03-16 07:32 – Updated: 2026-03-16 17:15 X_Open Source| URL | Tags |
|---|---|
| https://vuldb.com/?id.351148 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.351148 | signaturepermissions-required |
| https://vuldb.com/?submit.770530 | third-party-advisory |
| https://github.com/feixuezhi/cms/wiki | exploit |
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | CMS Made Simple |
Affected:
2.2.0
Affected: 2.2.1 Affected: 2.2.2 Affected: 2.2.3 Affected: 2.2.4 Affected: 2.2.5 Affected: 2.2.6 Affected: 2.2.7 Affected: 2.2.8 Affected: 2.2.9 Affected: 2.2.10 Affected: 2.2.11 Affected: 2.2.12 Affected: 2.2.13 Affected: 2.2.14 Affected: 2.2.15 Affected: 2.2.16 Affected: 2.2.17 Affected: 2.2.18 Affected: 2.2.19 Affected: 2.2.20 Affected: 2.2.21 cpe:2.3:a:cms_made_simple:cms_made_simple:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4225",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-16T17:15:33.711154Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T17:15:48.555Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:cms_made_simple:cms_made_simple:*:*:*:*:*:*:*:*"
],
"modules": [
"User Management Module"
],
"product": "CMS Made Simple",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2.2.0"
},
{
"status": "affected",
"version": "2.2.1"
},
{
"status": "affected",
"version": "2.2.2"
},
{
"status": "affected",
"version": "2.2.3"
},
{
"status": "affected",
"version": "2.2.4"
},
{
"status": "affected",
"version": "2.2.5"
},
{
"status": "affected",
"version": "2.2.6"
},
{
"status": "affected",
"version": "2.2.7"
},
{
"status": "affected",
"version": "2.2.8"
},
{
"status": "affected",
"version": "2.2.9"
},
{
"status": "affected",
"version": "2.2.10"
},
{
"status": "affected",
"version": "2.2.11"
},
{
"status": "affected",
"version": "2.2.12"
},
{
"status": "affected",
"version": "2.2.13"
},
{
"status": "affected",
"version": "2.2.14"
},
{
"status": "affected",
"version": "2.2.15"
},
{
"status": "affected",
"version": "2.2.16"
},
{
"status": "affected",
"version": "2.2.17"
},
{
"status": "affected",
"version": "2.2.18"
},
{
"status": "affected",
"version": "2.2.19"
},
{
"status": "affected",
"version": "2.2.20"
},
{
"status": "affected",
"version": "2.2.21"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "feioklucy (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security flaw has been discovered in CMS Made Simple up to 2.2.21. Impacted is an unknown function of the file admin/listusers.php of the component User Management Module. Performing a manipulation of the argument Message results in cross site scripting. The attack is possible to be carried out remotely. The exploit has been released to the public and may be used for attacks."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 2.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 2.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 3.3,
"vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N/E:POC/RL:ND/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Cross Site Scripting",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "Code Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T07:32:07.692Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-351148 | CMS Made Simple User Management listusers.php cross site scripting",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.351148"
},
{
"name": "VDB-351148 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.351148"
},
{
"name": "Submit #770530 | cms made simple 2.2.21 XSS",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.770530"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/feixuezhi/cms/wiki"
}
],
"tags": [
"x_open-source"
],
"timeline": [
{
"lang": "en",
"time": "2026-03-15T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-15T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-15T19:41:55.000Z",
"value": "VulDB entry last update"
}
],
"title": "CMS Made Simple User Management listusers.php cross site scripting"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-4225",
"datePublished": "2026-03-16T07:32:07.692Z",
"dateReserved": "2026-03-15T18:36:51.235Z",
"dateUpdated": "2026-03-16T17:15:48.555Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4186 (GCVE-0-2026-4186)
Vulnerability from cvelistv5 – Published: 2026-03-15 19:02 – Updated: 2026-03-17 15:19 Unsupported When Assigned| URL | Tags |
|---|---|
| https://vuldb.com/?id.351092 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.351092 | signaturepermissions-required |
| https://vuldb.com/?submit.769842 | third-party-advisory |
| https://magnificent-dill-351.notion.site/JSONP-In… | exploit |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4186",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-17T15:19:31.586963Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-17T15:19:44.695Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"JSONP Callback Handler"
],
"product": "UEditor",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "1.4.3.0"
},
{
"status": "affected",
"version": "1.4.3.1"
},
{
"status": "affected",
"version": "1.4.3.2"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "s0l42 (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was determined in UEditor up to 1.4.3.2. This issue affects some unknown processing of the file php/controller.php?action=uploadimage of the component JSONP Callback Handler. This manipulation of the argument callback causes cross site scripting. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way. This vulnerability only affects products that are no longer supported by the maintainer."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Cross Site Scripting",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "Code Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-15T19:02:06.956Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-351092 | UEditor JSONP Callback controller.php cross site scripting",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.351092"
},
{
"name": "VDB-351092 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.351092"
},
{
"name": "Submit #769842 | ueditor 1.4.3.2 jsonp injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.769842"
},
{
"tags": [
"exploit"
],
"url": "https://magnificent-dill-351.notion.site/JSONP-Injection-in-ueditor-1-4-3-2-317c693918ed80cbb96dc8e1a9f0e8b2"
}
],
"tags": [
"unsupported-when-assigned"
],
"timeline": [
{
"lang": "en",
"time": "2026-03-14T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-14T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-14T23:09:13.000Z",
"value": "VulDB entry last update"
}
],
"title": "UEditor JSONP Callback controller.php cross site scripting"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-4186",
"datePublished": "2026-03-15T19:02:06.956Z",
"dateReserved": "2026-03-14T22:04:07.676Z",
"dateUpdated": "2026-03-17T15:19:44.695Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4175 (GCVE-0-2026-4175)
Vulnerability from cvelistv5 – Published: 2026-03-15 10:32 – Updated: 2026-03-17 15:16 X_Open Source| URL | Tags |
|---|---|
| https://vuldb.com/?id.351083 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.351083 | signaturepermissions-required |
| https://vuldb.com/?submit.769827 | third-party-advisory |
| https://github.com/aureuserp/aureuserp/pull/939 | issue-trackingpatch |
| https://github.com/aureuserp/aureuserp/commit/213… | patch |
| https://github.com/aureuserp/aureuserp/releases/t… | patch |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4175",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-17T15:16:12.610001Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-17T15:16:24.573Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Chatter Message Handler"
],
"product": "ERP",
"vendor": "Aureus",
"versions": [
{
"status": "affected",
"version": "1.3.0-BETA2"
},
{
"status": "unaffected",
"version": "1.3.0-BETA1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "kkc73 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was determined in Aureus ERP up to 1.3.0-BETA2. The affected element is an unknown function of the file plugins/webkul/chatter/resources/views/filament/infolists/components/messages/content-text-entry.blade.php of the component Chatter Message Handler. Executing a manipulation of the argument subject/body can lead to cross site scripting. The attack can be launched remotely. Upgrading to version 1.3.0-BETA1 is sufficient to fix this issue. This patch is called 2135ee7efff4090e70050b63015ab5e268760ec8. It is suggested to upgrade the affected component."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N/E:X/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N/E:X/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N/E:ND/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Cross Site Scripting",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "Code Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-15T10:32:14.092Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-351083 | Aureus ERP Chatter Message content-text-entry.blade.php cross site scripting",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.351083"
},
{
"name": "VDB-351083 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.351083"
},
{
"name": "Submit #769827 | aureuserp 51b975a Cross Site Scripting",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.769827"
},
{
"tags": [
"issue-tracking",
"patch"
],
"url": "https://github.com/aureuserp/aureuserp/pull/939"
},
{
"tags": [
"patch"
],
"url": "https://github.com/aureuserp/aureuserp/commit/2135ee7efff4090e70050b63015ab5e268760ec8"
},
{
"tags": [
"patch"
],
"url": "https://github.com/aureuserp/aureuserp/releases/tag/v1.3.0-BETA1"
}
],
"tags": [
"x_open-source"
],
"timeline": [
{
"lang": "en",
"time": "2026-03-14T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-14T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-14T16:20:11.000Z",
"value": "VulDB entry last update"
}
],
"title": "Aureus ERP Chatter Message content-text-entry.blade.php cross site scripting"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-4175",
"datePublished": "2026-03-15T10:32:14.092Z",
"dateReserved": "2026-03-14T15:15:06.380Z",
"dateUpdated": "2026-03-17T15:16:24.573Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4169 (GCVE-0-2026-4169)
Vulnerability from cvelistv5 – Published: 2026-03-15 06:02 – Updated: 2026-03-16 15:43 Disputed X_Open Source| URL | Tags |
|---|---|
| https://vuldb.com/?id.351076 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.351076 | signaturepermissions-required |
| https://github.com/tecnickcom/tcexam/commit/899b5… | patch |
| https://github.com/tecnickcom/tcexam/releases/tag… | patch |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4169",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-16T15:43:41.541043Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T15:43:55.190Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:tecnick:tcexam:*:*:*:*:*:*:*:*"
],
"modules": [
"XML Export"
],
"product": "TCExam",
"vendor": "Tecnick",
"versions": [
{
"status": "affected",
"version": "16.0"
},
{
"status": "affected",
"version": "16.1"
},
{
"status": "affected",
"version": "16.2"
},
{
"status": "affected",
"version": "16.3"
},
{
"status": "affected",
"version": "16.4"
},
{
"status": "affected",
"version": "16.5"
},
{
"status": "affected",
"version": "16.6.0"
},
{
"status": "unaffected",
"version": "16.6.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "coordinator",
"value": "VulDB"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security flaw has been discovered in Tecnick TCExam up to 16.6.0. Affected is the function F_xml_export_users of the file admin/code/tce_xml_users.php of the component XML Export. Performing a manipulation results in cross site scripting. Remote exploitation of the attack is possible. There are still doubts about whether this vulnerability truly exists. Upgrading to version 16.6.1 is able to address this issue. The patch is named 899b5b2fa09edfe16043f07265e44fe2022b7f12. It is suggested to upgrade the affected component. When the vendor was informed about another security issue, he identified and fixed this flaw during analysis. He doubts the impact of this: \"However, this is difficult to justify as security issue. It requires to be administrator to both create and consume the exploit. Administrators can do pretty much anything in the platform, so I don\u0027t see the point of this from a security perspective.\" This is reflected by the CVSS vector."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 2.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N/E:X/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 2.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N/E:X/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 3.3,
"vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N/E:ND/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Cross Site Scripting",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "Code Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-15T06:02:09.933Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-351076 | Tecnick TCExam XML Export tce_xml_users.php F_xml_export_users cross site scripting",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.351076"
},
{
"name": "VDB-351076 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.351076"
},
{
"tags": [
"patch"
],
"url": "https://github.com/tecnickcom/tcexam/commit/899b5b2fa09edfe16043f07265e44fe2022b7f12"
},
{
"tags": [
"patch"
],
"url": "https://github.com/tecnickcom/tcexam/releases/tag/16.6.1"
}
],
"tags": [
"disputed",
"x_open-source"
],
"timeline": [
{
"lang": "en",
"time": "2026-03-14T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-14T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-14T13:53:03.000Z",
"value": "VulDB entry last update"
}
],
"title": "Tecnick TCExam XML Export tce_xml_users.php F_xml_export_users cross site scripting"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-4169",
"datePublished": "2026-03-15T06:02:09.933Z",
"dateReserved": "2026-03-14T12:47:26.433Z",
"dateUpdated": "2026-03-16T15:43:55.190Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4168 (GCVE-0-2026-4168)
Vulnerability from cvelistv5 – Published: 2026-03-15 06:02 – Updated: 2026-03-16 15:45 Disputed| URL | Tags |
|---|---|
| https://vuldb.com/?id.351075 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.351075 | signaturepermissions-required |
| https://vuldb.com/?submit.769826 | third-party-advisory |
| https://github.com/ahmadmarz10-hub/CVEsMarz/blob/… | exploit |
| https://github.com/tecnickcom/tcexam/tags | patch |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4168",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-16T15:44:58.172871Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T15:45:07.014Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:tecnick:tcexam:*:*:*:*:*:*:*:*"
],
"modules": [
"Group Handler"
],
"product": "TCExam",
"vendor": "Tecnick",
"versions": [
{
"status": "affected",
"version": "16.5.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "AhmadMarzouk (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was identified in Tecnick TCExam 16.5.0. This impacts an unknown function of the file /admin/code/tce_edit_group.php of the component Group Handler. Such manipulation of the argument Name leads to cross site scripting. The attack may be launched remotely. The exploit is publicly available and might be used. The presence of this vulnerability remains uncertain at this time. The affected component should be upgraded. The vendor explained: \"I was not able to reproduce the same exploit as the TCExam version was already advanced in the meanwhile.\" Therefore, it can be assumed that this issue got fixed in a later release."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 2.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 2.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 3.3,
"vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Cross Site Scripting",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "Code Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-15T06:02:07.600Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-351075 | Tecnick TCExam Group tce_edit_group.php cross site scripting",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.351075"
},
{
"name": "VDB-351075 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.351075"
},
{
"name": "Submit #769826 | Tecnick TCExam 16.5.0 Cross Site Scripting",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.769826"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/ahmadmarz10-hub/CVEsMarz/blob/main/CVE%20Stored%20XSS.md"
},
{
"tags": [
"patch"
],
"url": "https://github.com/tecnickcom/tcexam/tags"
}
],
"tags": [
"disputed"
],
"timeline": [
{
"lang": "en",
"time": "2026-03-14T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-14T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-14T13:53:01.000Z",
"value": "VulDB entry last update"
}
],
"title": "Tecnick TCExam Group tce_edit_group.php cross site scripting"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-4168",
"datePublished": "2026-03-15T06:02:07.600Z",
"dateReserved": "2026-03-14T12:47:23.328Z",
"dateUpdated": "2026-03-16T15:45:07.014Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4166 (GCVE-0-2026-4166)
Vulnerability from cvelistv5 – Published: 2026-03-15 05:32 – Updated: 2026-03-17 13:46| URL | Tags |
|---|---|
| https://vuldb.com/?id.351073 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.351073 | signaturepermissions-required |
| https://vuldb.com/?submit.769652 | third-party-advisory |
| https://vuldb.com/?submit.769653 | third-party-advisory |
| https://github.com/Litengzheng/vul_db/blob/main/W… | related |
| https://github.com/Litengzheng/vul_db/blob/main/W… | exploit |
| Vendor | Product | Version | |
|---|---|---|---|
| Wavlink | WL-NU516U1 |
Affected:
240425
cpe:2.3:o:wavlink:wl-nu516u1_firmware:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4166",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-17T13:45:41.216278Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-17T13:46:28.034Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:o:wavlink:wl-nu516u1_firmware:*:*:*:*:*:*:*:*"
],
"product": "WL-NU516U1",
"vendor": "Wavlink",
"versions": [
{
"status": "affected",
"version": "240425"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "LtzHust2 (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Wavlink WL-NU516U1 240425. The impacted element is the function sub_404F68 of the file /cgi-bin/login.cgi. The manipulation of the argument homepage/hostname results in cross site scripting. The attack can be launched remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Cross Site Scripting",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "Code Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-15T05:32:08.404Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-351073 | Wavlink WL-NU516U1 login.cgi sub_404F68 cross site scripting",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.351073"
},
{
"name": "VDB-351073 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.351073"
},
{
"name": "Submit #769652 | Wavlink WL-NU516U1 V240425 Cross Site Scripting",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.769652"
},
{
"name": "Submit #769653 | Wavlink WL-NU516U1 V240425 Cross Site Scripting (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.769653"
},
{
"tags": [
"related"
],
"url": "https://github.com/Litengzheng/vul_db/blob/main/WL-NU516U1/vul_14/README.md"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/Litengzheng/vul_db/blob/main/WL-NU516U1/vul_15/README.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-03-14T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-14T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-14T13:35:31.000Z",
"value": "VulDB entry last update"
}
],
"title": "Wavlink WL-NU516U1 login.cgi sub_404F68 cross site scripting"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-4166",
"datePublished": "2026-03-15T05:32:08.404Z",
"dateReserved": "2026-03-14T12:30:20.703Z",
"dateUpdated": "2026-03-17T13:46:28.034Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4165 (GCVE-0-2026-4165)
Vulnerability from cvelistv5 – Published: 2026-03-15 05:02 – Updated: 2026-03-17 13:45| URL | Tags |
|---|---|
| https://vuldb.com/?id.351072 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.351072 | signaturepermissions-required |
| https://vuldb.com/?submit.769430 | third-party-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Worksuite | HR, CRM and Project Management |
Affected:
5.5.0
Affected: 5.5.1 Affected: 5.5.2 Affected: 5.5.3 Affected: 5.5.4 Affected: 5.5.5 Affected: 5.5.6 Affected: 5.5.7 Affected: 5.5.8 Affected: 5.5.9 Affected: 5.5.10 Affected: 5.5.11 Affected: 5.5.12 Affected: 5.5.13 Affected: 5.5.14 Affected: 5.5.15 Affected: 5.5.16 Affected: 5.5.17 Affected: 5.5.18 Affected: 5.5.19 Affected: 5.5.20 Affected: 5.5.21 Affected: 5.5.22 Affected: 5.5.23 Affected: 5.5.24 Affected: 5.5.25 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4165",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-17T13:44:43.088799Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-17T13:45:03.502Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HR, CRM and Project Management",
"vendor": "Worksuite",
"versions": [
{
"status": "affected",
"version": "5.5.0"
},
{
"status": "affected",
"version": "5.5.1"
},
{
"status": "affected",
"version": "5.5.2"
},
{
"status": "affected",
"version": "5.5.3"
},
{
"status": "affected",
"version": "5.5.4"
},
{
"status": "affected",
"version": "5.5.5"
},
{
"status": "affected",
"version": "5.5.6"
},
{
"status": "affected",
"version": "5.5.7"
},
{
"status": "affected",
"version": "5.5.8"
},
{
"status": "affected",
"version": "5.5.9"
},
{
"status": "affected",
"version": "5.5.10"
},
{
"status": "affected",
"version": "5.5.11"
},
{
"status": "affected",
"version": "5.5.12"
},
{
"status": "affected",
"version": "5.5.13"
},
{
"status": "affected",
"version": "5.5.14"
},
{
"status": "affected",
"version": "5.5.15"
},
{
"status": "affected",
"version": "5.5.16"
},
{
"status": "affected",
"version": "5.5.17"
},
{
"status": "affected",
"version": "5.5.18"
},
{
"status": "affected",
"version": "5.5.19"
},
{
"status": "affected",
"version": "5.5.20"
},
{
"status": "affected",
"version": "5.5.21"
},
{
"status": "affected",
"version": "5.5.22"
},
{
"status": "affected",
"version": "5.5.23"
},
{
"status": "affected",
"version": "5.5.24"
},
{
"status": "affected",
"version": "5.5.25"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "AhmadMarzouk (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in Worksuite HR, CRM and Project Management up to 5.5.25. The affected element is an unknown function of the file /account/orders/create. The manipulation of the argument Client Note leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 2.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 2.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 3.3,
"vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Cross Site Scripting",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "Code Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-15T05:02:07.832Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-351072 | Worksuite HR, CRM and Project Management create cross site scripting",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.351072"
},
{
"name": "VDB-351072 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.351072"
},
{
"name": "Submit #769430 | WORKSUITE WORKSUITE - HR, CRM and Project Management v5.5.25 Cross Site Scripting",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.769430"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-03-14T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-14T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-14T13:32:34.000Z",
"value": "VulDB entry last update"
}
],
"title": "Worksuite HR, CRM and Project Management create cross site scripting"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-4165",
"datePublished": "2026-03-15T05:02:07.832Z",
"dateReserved": "2026-03-14T12:27:21.982Z",
"dateUpdated": "2026-03-17T13:45:03.502Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4039 (GCVE-0-2026-4039)
Vulnerability from cvelistv5 – Published: 2026-03-12 12:02 – Updated: 2026-03-12 13:10 X_Open Source| URL | Tags |
|---|---|
| https://vuldb.com/?id.350651 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.350651 | signaturepermissions-required |
| https://vuldb.com/?submit.769580 | third-party-advisory |
| https://github.com/openclaw/openclaw/security/adv… | related |
| https://github.com/openclaw/openclaw/commit/8c9f3… | patch |
| https://github.com/openclaw/openclaw/releases/tag… | patch |
| https://github.com/openclaw/openclaw/ | product |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4039",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-12T13:10:16.297254Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-12T13:10:51.077Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:*:*:*"
],
"modules": [
"Skill Env Handler"
],
"product": "OpenClaw",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2026.2.19-2"
},
{
"status": "unaffected",
"version": "2026.2.21-beta.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "nedlir (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was determined in OpenClaw 2026.2.19-2. This vulnerability affects the function applySkillConfigenvOverrides of the component Skill Env Handler. Executing a manipulation can lead to code injection. It is possible to launch the attack remotely. Upgrading to version 2026.2.21-beta.1 is able to resolve this issue. This patch is called 8c9f35cdb51692b650ddf05b259ccdd75cc9a83c. It is recommended to upgrade the affected component."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:ND/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "Code Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-12T12:02:10.143Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-350651 | OpenClaw Skill Env applySkillConfigenvOverrides code injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.350651"
},
{
"name": "VDB-350651 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.350651"
},
{
"name": "Submit #769580 | openclaw OpenClaw 2026.2.19-2 Code Injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.769580"
},
{
"tags": [
"related"
],
"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-82g8-464f-2mv7"
},
{
"tags": [
"patch"
],
"url": "https://github.com/openclaw/openclaw/commit/8c9f35cdb51692b650ddf05b259ccdd75cc9a83c"
},
{
"tags": [
"patch"
],
"url": "https://github.com/openclaw/openclaw/releases/tag/v2026.2.21-beta.1"
},
{
"tags": [
"product"
],
"url": "https://github.com/openclaw/openclaw/"
}
],
"tags": [
"x_open-source"
],
"timeline": [
{
"lang": "en",
"time": "2026-03-12T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-12T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-12T07:51:23.000Z",
"value": "VulDB entry last update"
}
],
"title": "OpenClaw Skill Env applySkillConfigenvOverrides code injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-4039",
"datePublished": "2026-03-12T12:02:10.143Z",
"dateReserved": "2026-03-12T06:46:12.632Z",
"dateUpdated": "2026-03-12T13:10:51.077Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4004 (GCVE-0-2026-4004)
Vulnerability from cvelistv5 – Published: 2026-03-21 03:27 – Updated: 2026-04-08 17:29- CWE-94 - Improper Control of Generation of Code ('Code Injection')
| Vendor | Product | Version | |
|---|---|---|---|
| eoxia | Task Manager |
Affected:
0 , ≤ 3.0.2
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4004",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-23T15:53:55.168570Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-23T15:54:06.365Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Task Manager",
"vendor": "eoxia",
"versions": [
{
"lessThanOrEqual": "3.0.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Youcef Hamdani"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Task Manager plugin for WordPress is vulnerable to arbitrary shortcode execution via the \u0027search\u0027 AJAX action in all versions up to, and including, 3.0.2. This is due to missing capability checks in the callback_search() function and insufficient input validation that allows shortcode syntax (square brackets) to pass through sanitize_text_field() and be concatenated into a do_shortcode() call. This makes it possible for authenticated attackers, with Subscriber-level access and above, to execute arbitrary shortcodes on the site by injecting shortcode syntax into parameters like \u0027task_id\u0027, \u0027point_id\u0027, \u0027categories_id\u0027, or \u0027term\u0027."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:29:26.172Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e3a902a6-c16f-4e0a-a13a-defb93754c92?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/task-manager/trunk/module/navigation/action/navigation.action.php#L75"
},
{
"url": "https://plugins.trac.wordpress.org/browser/task-manager/tags/3.0.2/module/navigation/action/navigation.action.php#L75"
},
{
"url": "https://plugins.trac.wordpress.org/browser/task-manager/trunk/module/navigation/action/navigation.action.php#L46"
},
{
"url": "https://plugins.trac.wordpress.org/browser/task-manager/tags/3.0.2/module/navigation/action/navigation.action.php#L46"
},
{
"url": "https://plugins.trac.wordpress.org/browser/task-manager/trunk/module/navigation/action/navigation.action.php#L29"
},
{
"url": "https://plugins.trac.wordpress.org/browser/task-manager/tags/3.0.2/module/navigation/action/navigation.action.php#L29"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-03-20T15:08:15.000Z",
"value": "Disclosed"
}
],
"title": "Task Manager \u003c= 3.0.2 - Authenticated (Subscriber+) Arbitrary Shortcode Execution via \u0027task_id\u0027 Parameter"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2026-4004",
"datePublished": "2026-03-21T03:27:11.826Z",
"dateReserved": "2026-03-11T18:54:27.040Z",
"dateUpdated": "2026-04-08T17:29:26.172Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-3993 (GCVE-0-2026-3993)
Vulnerability from cvelistv5 – Published: 2026-03-12 06:02 – Updated: 2026-03-12 14:27 X_Freeware| URL | Tags |
|---|---|
| https://vuldb.com/?id.350475 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.350475 | signaturepermissions-required |
| https://vuldb.com/?submit.769749 | third-party-advisory |
| https://github.com/ltranquility/cve_submit/issues/11 | exploitissue-tracking |
| https://itsourcecode.com/ | product |
| Vendor | Product | Version | |
|---|---|---|---|
| itsourcecode | Payroll Management System |
Affected:
1.0
cpe:2.3:a:itsourcecode:payroll_management_system:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-3993",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-12T14:27:17.740070Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-12T14:27:59.411Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:itsourcecode:payroll_management_system:*:*:*:*:*:*:*:*"
],
"product": "Payroll Management System",
"vendor": "itsourcecode",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Jiaxin Lin (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security vulnerability has been detected in itsourcecode Payroll Management System 1.0. This vulnerability affects unknown code of the file /manage_employee_deductions.php. Such manipulation of the argument ID leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed publicly and may be used."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Cross Site Scripting",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "Code Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-12T06:02:07.745Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-350475 | itsourcecode Payroll Management System manage_employee_deductions.php cross site scripting",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.350475"
},
{
"name": "VDB-350475 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.350475"
},
{
"name": "Submit #769749 | itsourcecode Payroll Management System V1.0 Cross Site Scripting",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.769749"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/ltranquility/cve_submit/issues/11"
},
{
"tags": [
"product"
],
"url": "https://itsourcecode.com/"
}
],
"tags": [
"x_freeware"
],
"timeline": [
{
"lang": "en",
"time": "2026-03-11T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-11T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-11T17:58:12.000Z",
"value": "VulDB entry last update"
}
],
"title": "itsourcecode Payroll Management System manage_employee_deductions.php cross site scripting"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-3993",
"datePublished": "2026-03-12T06:02:07.745Z",
"dateReserved": "2026-03-11T16:53:07.864Z",
"dateUpdated": "2026-03-12T14:27:59.411Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation
Strategy: Refactoring
Refactor your program so that you do not have to dynamically generate code.
Mitigation
- Run your code in a "jail" or similar sandbox environment that enforces strict boundaries between the process and the operating system. This may effectively restrict which code can be executed by your product.
- Examples include the Unix chroot jail and AppArmor. In general, managed code may provide some protection.
- This may not be a feasible solution, and it only limits the impact to the operating system; the rest of your application may still be subject to compromise.
- Be careful to avoid CWE-243 and other weaknesses related to jails.
Mitigation MIT-5
Strategy: Input Validation
- Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does.
- When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if the input is only expected to contain colors such as "red" or "blue."
- Do not rely exclusively on looking for malicious or malformed inputs. This is likely to miss at least one undesirable input, especially if the code's environment changes. This can give attackers enough room to bypass the intended validation. However, denylists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.
- To reduce the likelihood of code injection, use stringent allowlists that limit which constructs are allowed. If you are dynamically constructing code that invokes a function, then verifying that the input is alphanumeric might be insufficient. An attacker might still be able to reference a dangerous function that you did not intend to allow, such as system(), exec(), or exit().
Mitigation
Use dynamic tools and techniques that interact with the product using large test suites with many diverse inputs, such as fuzz testing (fuzzing), robustness testing, and fault injection. The product's operation may slow down, but it should not become unstable, crash, or generate incorrect results.
Mitigation MIT-32
Strategy: Compilation or Build Hardening
Run the code in an environment that performs automatic taint propagation and prevents any command execution that uses tainted variables, such as Perl's "-T" switch. This will force the program to perform validation steps that remove the taint, although you must be careful to correctly validate your inputs so that you do not accidentally mark dangerous inputs as untainted (see CWE-183 and CWE-184).
Mitigation MIT-32
Strategy: Environment Hardening
Run the code in an environment that performs automatic taint propagation and prevents any command execution that uses tainted variables, such as Perl's "-T" switch. This will force the program to perform validation steps that remove the taint, although you must be careful to correctly validate your inputs so that you do not accidentally mark dangerous inputs as untainted (see CWE-183 and CWE-184).
Mitigation
For Python programs, it is frequently encouraged to use the ast.literal_eval() function instead of eval, since it is intentionally designed to avoid executing code. However, an adversary could still cause excessive memory or stack consumption via deeply nested structures [REF-1372], so the python documentation discourages use of ast.literal_eval() on untrusted data [REF-1373].
CAPEC-242: Code Injection
An adversary exploits a weakness in input validation on the target to inject new code into that which is currently executing. This differs from code inclusion in that code inclusion involves the addition or replacement of a reference to a code file, which is subsequently loaded by the target and used as part of the code of some application.
CAPEC-35: Leverage Executable Code in Non-Executable Files
An attack of this type exploits a system's trust in configuration and resource files. When the executable loads the resource (such as an image file or configuration file) the attacker has modified the file to either execute malicious code directly or manipulate the target process (e.g. application server) to execute based on the malicious configuration parameters. Since systems are increasingly interrelated mashing up resources from local and remote sources the possibility of this attack occurring is high.
CAPEC-77: Manipulating User-Controlled Variables
This attack targets user controlled variables (DEBUG=1, PHP Globals, and So Forth). An adversary can override variables leveraging user-supplied, untrusted query variables directly used on the application server without any data sanitization. In extreme cases, the adversary can change variables controlling the business logic of the application. For instance, in languages like PHP, a number of poorly set default configurations may allow the user to override variables.