CVE-2026-7149 dexhunter kaggle-mcp server.py prepare_kaggle_dataset path traversal

A vulnerability has been found in dexhunter kaggle-mcp up to 406127ffcb2b91b8c10e20e6c2ca787fbc1dc92d. This vulnerability affects the function preparekaggledataset of the file src/kagglemcp/server.py. The manipulation of the argument competitionid leads to path traversal. The attack is possible t...

CVE-2026-7149 dexhunter kaggle-mcp server.py prepare_kaggle_dataset path traversal

A vulnerability has been found in dexhunter kaggle-mcp up to 406127ffcb2b91b8c10e20e6c2ca787fbc1dc92d. This vulnerability affects the function preparekaggledataset of the file src/kagglemcp/server.py. The manipulation of the argument competitionid leads to path traversal. The attack is possible t...

CVE-2020-7149

A ictexpertcsvdownload expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center iMC versions: Prior to iMC PLAT 7.3 E0705P07...

MAL-2025-7149 Malicious code in @crabas0npm/accusamus-soluta-eveniet (npm)

The package @crabas0npm/accusamus-soluta-eveniet was found to contain malicious code...

CVE-2025-7149

A vulnerability was found in Campcodes Advanced Online Voting System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/candidatesdelete.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The explo...

CVE-2025-7149

A vulnerability was found in Campcodes Advanced Online Voting System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/candidatesdelete.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The explo...

CVE-2025-7149

A vulnerability was found in Campcodes Advanced Online Voting System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/candidatesdelete.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The explo...

CVE-2025-7149 Campcodes Advanced Online Voting System candidates_delete.php sql injection

A vulnerability was found in Campcodes Advanced Online Voting System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/candidatesdelete.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The explo...

CVE-2025-7149

CVE-2025-7149 affects Campcodes Advanced Online Voting System 1.0. The vulnerability is an SQL injection in the file /admin/candidates_delete.php caused by manipulation of the ID parameter. Exploitation is possible remotely and has been publicly disclosed. The reports consistently describe this i...

CVE-2024-7149

creationtimestamp| type| source ---|---|--- 2024-09-27 16:43:46+00:00| seen| https://t.me/cvedetector/6530...

CVE-2024-7149 Event Manager, Events Calendar, Tickets, Registrations – Eventin <= 4.0.8 - Authenticated (Contributor+) Local File Inclusion

The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.0.8 via multiple style parameters. This makes it possible for authenticated attackers, with Contributor-level access and above, t...

CVE-2023-7149

creationtimestamp| type| source ---|---|--- 2023-12-29 05:27:07+00:00| seen| https://t.me/ctinow/160342 2023-12-30 01:34:21+00:00| seen| https://t.me/cibsecurity/73897 2024-01-03 08:16:51+00:00| seen| https://t.me/ctinow/162244 2024-01-20 10:11:10+00:00| seen| https://t.me/ctinow/170573...

CVE-2023-7149

A vulnerability was found in code-projects QR Code Generator 1.0. It has been classified as problematic. This affects an unknown part of the file /download.php?file=author.png. The manipulation of the argument file with the input " leads to cross site scripting. It is possible to initiate the...

Oracle Linux 7 : elfutils (ELSA-2019-2197)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-2197 advisory. 0.176-2 - Add elfutils-0.176-xlate-note.patch 1704754 0.176-1 - New upstream release 1676504 CVE-2019-7146, CVE-2019-7148, CVE-2019-7149, CVE-2019-7150...

SUSE: Security Advisory (SUSE-SU-2022:2614-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for dwarves (SUSE-SU-2022:2614-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVE-2020-7149

CVE-2020-7149 describes an ictexpertcsvdownload expression language injection in Hewlett Packard Enterprise’s Intelligent Management Center (iMC) prior to PLAT 7.3 (E0705P07). The Red Hat, CNVD, CNVD, NVD and ZDI entries in the connected set confirm a remote code execution vulnerability that can ...

CVE-2018-7149

CVE-2018-7149 is rejected and does not represent an active vulnerability entry.

CVE-2018-7149

...

Huawei EulerOS: Security Advisory for elfutils (EulerOS-SA-2020-1448)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...