13 matches found
EUVD-2023-25849
Malicious code in bioql PyPI...
CVE-2024-25849
CVE-2024-25849 affects PrestaToolKit Make an offer module for PrestaShop (version ≤ 1.7.1). The vulnerability is a SQL injection in guest-accessible flows via MakeOffers::checkUserExistingOffer() and MakeOffers::addUserOffer(), leading to potential unauthorized data access or modification. Affect...
CVE-2024-25849
In the module "Make an offer" (makeanoffer) <= 1.7.1 from PrestaToolKit for PrestaShop, a guest can perform SQL injection via MakeOffers::checkUserExistingOffer and MakeOffers::addUserOffer...
CVE-2022-25849
creationtimestamp | type | source
---|---|---
2022-10-26 12:27:17+00:00 | seen | https://t.me/cibsecurity/52090
2025-05-09 19:26:17+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/15822
...
CVE-2022-25849 Cross-site Scripting (XSS)
The package joyqi/hyper-down from 0.0.0 is vulnerable to Cross-site Scripting (XSS) because the Markdown parsing module does not filter the href attribute very well...
CVE-2022-25849
CVE-2022-25849 affects joyqi/hyper-down, a Markdown parser library. The vulnerability stems from improper filtering of href attributes in the markdown parser, enabling cross-site scripting (XSS). Affected versions start at 0.0.0 and continue thereafter. Public details describe an XSS vector in th...
CVE-2022-25849 Cross-site Scripting (XSS)
The package joyqi/hyper-down from 0.0.0 is vulnerable to Cross-site Scripting (XSS) because the Markdown parsing module does not filter the href attribute very well...
CVE-2021-25849
The CVE-2021-25849 entry describes a denial-of-service vulnerability in MOXA Camera VPort 06EC-2V Series (version 1.1) caused by an integer underflow in the userdisk/vport_lldpd component due to improper validation of the PortID TLV. The affected device is vulnerable to a crafted LLDP packet that...
CVE-2020-25849
creationtimestamp | type | source
---|---|---
2020-11-01 20:37:55+00:00 | seen | https://t.me/cibsecurity/15759
...
CVE-2020-25849
MailGates and MailAudit products contain a Command Injection flaw, which can be used to inject and execute system commands from the cgi parameter after attackers obtain the user’s access token...
CVE-2020-25849 Openfind MailGates/MailAudit - Command Injection
MailGates and MailAudit products contain a Command Injection flaw, which can be used to inject and execute system commands from the cgi parameter after attackers obtain the user’s access token...
CVE-2020-25849
The CVE-2020-25849 entry describes a Command Injection vulnerability in MailGates and MailAudit products. The issue allows an attacker to inject and execute system commands via the CGI parameter after obtaining the user’s access token. No affected product versions, root-cause details, or remediat...
Buffer overflow vulnerability in multiple NETGEAR products (CNVD-2020-25849)
NETGEAR R6700 and others are products of NETGEAR, Inc. NETGEAR R6700 is a wireless router. NETGEAR D6200 is a wireless modem. NETGEAR R6800 is a wireless router. A buffer overflow vulnerability exists in multiple NETGEAR products, which can be exploited by an...