8 matches found
EUVD-2024-47085
Malicious code in bioql PyPI...
CVE-2025-4568 SQL Injection in 2ClickPortal
Improper neutralization of input provided by an unauthorized user into changesreferenceid parameter in URL allows for boolean-based Blind SQL Injection attacks...
CVE-2025-4568 SQL Injection in 2ClickPortal
Improper neutralization of input provided by an unauthorized user into changesreferenceid parameter in URL allows for boolean-based Blind SQL Injection attacks...
PT-2025-23910 · Unknown · 2Clickportal
Name of the Vulnerable Software and Affected Versions: 2ClickPortal versions prior to 7.14.3 Description: The issue is related to improper neutralization of input provided by an unauthorized user into the changes reference id parameter in the URL, allowing for boolean-based Blind SQL Injection...
CVE-2024-5961
Improper neutralization of input during web page generation vulnerability in 2ClickPortal software allows reflected cross-site scripting XSS. An attacker might trick somebody into using a crafted URL, which will cause a script to be run in user's browser. This issue affects 2ClickPortal software...
CVE-2024-5961 Reflected XSS in 2ClickPortal
Improper neutralization of input during web page generation vulnerability in 2ClickPortal software allows reflected cross-site scripting XSS. An attacker might trick somebody into using a crafted URL, which will cause a script to be run in user's browser. This issue affects 2ClickPortal software...
CVE-2024-5961 Reflected XSS in 2ClickPortal
Improper neutralization of input during web page generation vulnerability in 2ClickPortal software allows reflected cross-site scripting XSS. An attacker might trick somebody into using a crafted URL, which will cause a script to be run in user's browser. This issue affects 2ClickPortal software...
2ClickPortal Security Vulnerabilities
2ClickPortal is a web portal from 2ClickPortal, Inc. A security vulnerability exists in 2ClickPortal versions 7.2.31 through 7.6.4, which stems from improper neutralization of inputs when generating web pages, and is susceptible to reflective cross-site scripting attacks...