Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-99 (对资源描述符的控制不恰当(资源注入)) — Vulnerability Class 46

46 vulnerabilities classified as CWE-99 (对资源描述符的控制不恰当(资源注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-5414 Newgen OmniDocs WebApiRequestRedirection resource injection — OmniDocs 5.3 Medium2026-04-02
CVE-2026-5031 BichitroGan ISP Billing Software Endpoint users-view resource injection — ISP Billing Software 4.3 Medium2026-03-29
CVE-2026-3693 Shy2593666979 AgentChat User Endpoint user.py update_user_info resource injection — AgentChat 7.3 High2026-03-08
CVE-2025-12919 EverShop Order Order.resolvers.js resource injection — EverShop 3.7 Low2025-11-09
CVE-2025-12918 yungifez Skuul School Management System View Fee Invoice fee-invoices resource injection — Skuul School Management System 3.1 Low2025-11-09
CVE-2025-12270 LearnHouse Student Assignment Submission sub_file resource injection — LearnHouse 4.3 Medium2025-10-27
CVE-2025-43491 Poly Lens Desktop Application – Privilege Escalation — Poly Lens 6.7AIMediumAI2025-09-09
CVE-2025-9619 E4 Sistemas Mercatus ERP id resource injection — Mercatus ERP 5.3 Medium2025-08-29
CVE-2025-9264 Xuxueli xxl-job Jobs JobInfoController.java remove resource injection — xxl-job 5.4 Medium2025-08-20
CVE-2025-9263 Xuxueli xxl-job JobLogController.java getJobsByGroup resource injection — xxl-job 4.3 Medium2025-08-20
CVE-2025-8793 LitmusChaos Litmus resource injection — Litmus 4.3 Medium2025-08-10
CVE-2025-6534 xxyopen/201206030 novel-plus File FileController.java remove resource injection — novel-plus 4.2 Medium2025-06-24
CVE-2025-2410 Admin Authorized Port (iptables) manipulation (open/close/disable ports) — ASPECT-Enterprise 9.1 Critical2025-05-22
CVE-2025-3855 CodeCanyon RISE Ultimate Project Manager Profile Picture save_profile_image resource injection — RISE Ultimate Project Manager 4.3 Medium2025-04-22
CVE-2025-0756 Hitachi Vantara Pentaho Data Integration & Analytics - Improper Control of Resource Identifiers ('Resource Injection') — Pentaho Data Integration & Analytics 9.1 Critical2025-04-16
CVE-2025-3405 FCJ Venture Builder appclientefiel HTTP GET Request ObterPedido resource injection — appclientefiel 4.3 Medium2025-04-08
CVE-2025-2125 Control iD RH iD PDF Document companyId resource injection — RH iD 4.3 Medium2025-03-09
CVE-2025-1645 Benner Connecta EditarLogado resource injection — Connecta 6.3 Medium2025-02-25
CVE-2025-1642 Benner ModernaNet GetImageMedico resource injection — ModernaNet 4.3 Medium2025-02-25
CVE-2025-1575 Harpia DiagSystem atualatendimento_jpeg.php resource injection — DiagSystem 4.3 Medium2025-02-23
CVE-2024-5706 Hitachi Vantara Pentaho Data Integration & Analytics - Improper Control of Resource Identifiers ('Resource Injection') — Pentaho Data Integration & Analytics 8.8 High2025-02-19
CVE-2024-57971 Knowage 安全漏洞 — KNOWAGE 9.1 Critical2025-02-16
CVE-2025-0625 CampCodes School Management Software Attachment resource injection — School Management Software 3.1 Low2025-01-22
CVE-2023-6605 Ffmpeg: dash playlist ssrf vulnerability in ffmpeg 7.2 High2025-01-06
CVE-2023-6604 Ffmpeg: hls xbin demuxer dos amplification in ffmpeg 5.3 Medium2025-01-06
CVE-2023-6601 Ffmpeg: hls unsafe file extension bypass in ffmpeg 4.7 Medium2025-01-06
CVE-2023-6602 Ffmpeg: improper handling of input format in tty demuxer of ffmpeg 5.3 Medium2024-12-31
CVE-2024-7658 projectsend process.php get_preview resource injection — projectsend 5.3 Medium2024-08-11
CVE-2024-7438 SimpleMachines SMF User Alert Read Status index.php resource injection — SMF 4.3 Medium2024-08-03
CVE-2024-7437 SimpleMachines SMF Delete User index.php resource injection — SMF 5.4 Medium2024-08-03

Vulnerabilities classified as CWE-99 (对资源描述符的控制不恰当(资源注入)) represent 46 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.