Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-96 (静态存储代码中指令转义处理不恰当(静态代码注入)) — Vulnerability Class 21

21 vulnerabilities classified as CWE-96 (静态存储代码中指令转义处理不恰当(静态代码注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-57707 File Station 5 — File Station 5 6.5AIMediumAI2026-02-11
CVE-2025-7825 Schema Plugin For Divi, Gutenberg & Shortcodes <= 4.3.2 - Authenticated (Contributor+) Object Instantiation — Schema Plugin For Divi, Gutenberg & Shortcodes 6.3 Medium2025-10-03
CVE-2025-36595 Dell Unisphere 安全漏洞 — Unisphere for PowerMax vApp 7.2 High2025-06-27
CVE-2015-2079 Webmin Usermin 安全漏洞 — Usermin 9.9 Critical2025-04-28
CVE-2025-30091 Tiny MoxieManager 安全漏洞 — MoxieManager PHP 9.8AICriticalAI2025-03-25
CVE-2024-13268 Opigno - Critical - Arbitrary PHP code execution - SA-CONTRIB-2024-032 — Opigno 9.8 -2025-01-09
CVE-2024-13267 Opigno TinCan Question Type - Critical - Arbitrary PHP code execution - SA-CONTRIB-2024-031 — Opigno TinCan Question Type 9.8 -2025-01-09
CVE-2024-13265 Opigno Learning path - Critical - Arbitrary PHP code execution - SA-CONTRIB-2024-029 — Opigno Learning path 8.8 -2025-01-09
CVE-2024-13264 Opigno module - Critical - Arbitrary PHP code execution - SA-CONTRIB-2024-028 — Opigno module 9.8 -2025-01-09
CVE-2024-13263 Opigno group manager - Critical - Arbitrary PHP code execution - SA-CONTRIB-2024-027 — Opigno group manager 8.8 -2025-01-09
CVE-2024-55877 XWiki allows remote code execution from account through macro descriptions and XWiki.XWikiSyntaxMacrosList — xwiki-platform 10.0 Critical2024-12-12
CVE-2024-55662 XWiki allows remote code execution through the extension sheet — xwiki-platform 10.0 Critical2024-12-12
CVE-2024-43400 XWiki Platform allows XSS through XClass name in string properties — xwiki-platform 9.1 Critical2024-08-19
CVE-2024-37900 XWiki Platform vulnerable to Cross-site Scripting through attachment filename in uploader — xwiki-platform 6.4 Medium2024-07-31
CVE-2024-0788 SUPERAntiSpyware Pro X v10.0.1260 - Kernel-level API parameters manipulation — SUPERAntiSpyware Pro X 6.6 Medium2024-01-29
CVE-2022-3960 Hitachi Vantara Pentaho Business Analytics Server - Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') — Pentaho Business Analytics Server 6.3 Medium2023-04-03
CVE-2022-43938 Hitachi Vantara Pentaho Business Analytics Server - Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') — Pentaho Business Analytics Server 8.8 High2023-04-03
CVE-2022-0895 Static Code Injection in microweber/microweber — microweber/microweber 9.8 -2022-03-10
CVE-2021-39115 Atlassian Jira 代码注入漏洞 — Jira Service Desk Server 7.2 -2021-09-01
CVE-2020-6144 Open Solutions for Education openSIS 代码注入漏洞 — OS4Ed 9.8 -2020-09-01
CVE-2020-6143 Open Solutions for Education openSIS 代码注入漏洞 — OS4Ed 9.8 -2020-09-01

Vulnerabilities classified as CWE-96 (静态存储代码中指令转义处理不恰当(静态代码注入)) represent 21 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.