
52 matches found

EUVD
added 2025/10/03 8:7 p.m. | 1 views

EUVD-2025-7174

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 7.6 | EPSS 0.0029
Exploits: 1 | References: 3
Cvelist
added 2025/07/08 10:32 a.m. | 8 views

CVE-2025-7174 code-projects Library System teacher-issue-book.php sql injection

A vulnerability was found in code-projects Library System 1.0 and classified as critical. This issue affects some unknown processing of the file /teacher-issue-book.php. The manipulation of the argument idn leads to sql injection. The attack may be initiated remotely. The exploit has been disclos...

CVSS 7.5 | EPSS 0.00277
Exploits: 1 | References: 5
CVE
added 2025/07/08 10:32 a.m. | 11 views

CVE-2025-7174

CVE-2025-7174 affects code-projects Library System 1.0. The vulnerability is a SQL injection caused by manipulation of the idn parameter in the file "/teacher-issue-book.php". It can be triggered remotely and has been disclosed publicly. Multiple sources (including PT-2025-28404) confirm a critic...

CVSS 9.8 | AI score 7.5 | EPSS 0.00277
Exploits: 1 | References: 5 | Affected Software: 1
RedhatCVE
added 2025/05/17 9:4 p.m. | 10 views

CVE-2023-7174

The aBitGone CommentSafe WordPress plugin through 1.0.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

CVSS 7.1 | AI score 5.8 | EPSS 0.00117
Exploits: 2 | References: 3
NVD
added 2025/05/15 8:15 p.m. | 5 views

CVE-2023-7174

The aBitGone CommentSafe WordPress plugin through 1.0.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

CVSS 7.1 | EPSS 0.00117
Exploits: 2 | References: 1
Cvelist
added 2025/05/15 8:9 p.m. | 16 views

CVE-2023-7174 aBitGone CommentSafe <= 1.0.0 - Settings Update to Stored XSS via CSRF

The aBitGone CommentSafe WordPress plugin through 1.0.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

EPSS 0.00117
Exploits: 2 | References: 1
Vulnrichment
added 2025/05/15 8:9 p.m. | 8 views

CVE-2023-7174 aBitGone CommentSafe <= 1.0.0 - Settings Update to Stored XSS via CSRF

The aBitGone CommentSafe WordPress plugin through 1.0.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

AI score 5.8 | EPSS 0.00117
Exploits: 2 | References: 1
Tenable Nessus
added 2025/03/06 12:0 a.m. | 9 views

Linux Distros Unpatched Vulnerability : CVE-2018-7174

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in xpdf 4.00. An infinite loop in XRef::Xref allows an attacker to cause denial of service because loop detection exists only for tables...

CVSS 5.5 | AI score 6.4 | EPSS 0.00177
Exploits: 0 | References: 3
RedhatCVE
added 2025/02/05 11:58 a.m. | 8 views

CVE-2024-7174

A vulnerability, which was classified as critical, was found in TOTOLINK A3600R 4.1.2cu.5182B20201102. This affects the function setdeviceName of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument deviceMac/deviceName leads to buffer overflow. It is possible to initiate the attack...

CVSS 9 | AI score 6.9 | EPSS 0.0034
Exploits: 1 | References: 1
Tenable Nessus
added 2024/10/16 12:0 a.m. | 14 views

Qnap QTS Path Traversal (CVE-2013-7174)

Absolute path traversal vulnerability in cgi-bin/jc.cgi in QNAP QTS before 4.1.0 allows remote attackers to read arbitrary files via a full pathname in the f parameter. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

CVSS 7.8 | AI score 5.7 | EPSS 0.01392
Exploits: 0 | References: 4
Circl
added 2024/07/29 2:54 a.m. | 2 views

CVE-2024-7174

| creationtimestamp | type | source |
|---|---|---|
| 2024-07-29 02:54:40+00:00 | seen | https://t.me/cvedetector/1788... |

CVSS 9 | AI score 8.1 | EPSS 0.0034
Exploits: 1 | References: 1
Tenable Nessus
added 2023/11/21 12:0 a.m. | 13 views

Oracle Linux 8 : perl-HTTP-Tiny (ELSA-2023-7174)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2023-7174 advisory. - Changes the verifySSL default parameter from 0 to 1 - CVE-2023-31486 Tenable has extracted the preceding description block directly from the Oracle Linux...

CVSS 8.1 | AI score 7.1 | EPSS 0.00767
Exploits: 0 | References: 2
Tenable Nessus
added 2023/11/14 12:0 a.m. | 24 views

CentOS 8 : perl-HTTP-Tiny (CESA-2023:7174)

The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2023:7174 advisory. - HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in t...

CVSS 8.1 | AI score 7.1 | EPSS 0.00767
Exploits: 0 | References: 2
OpenVAS
added 2021/06/09 12:0 a.m. | 21 views

SUSE: Security Advisory (SUSE-SU-2015:1703-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 10 | EPSS 0.07974
Exploits: 0 | References: 5
OpenVAS
added 2021/04/19 12:0 a.m. | 20 views

SUSE: Security Advisory (SUSE-SU-2015:1680-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 10 | EPSS 0.07974
Exploits: 0 | References: 5
NVD
added 2020/10/19 6:15 p.m. | 10 views

CVE-2020-7174

A soapconfigcontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center iMC versions: Prior to iMC PLAT 7.3 E0705P07...

CVSS 9 | EPSS 0.01335
Exploits: 0 | References: 1
CVE
added 2020/10/19 5:43 p.m. | 41 views

CVE-2020-7174

CVE-2020-7174 affects HPE Intelligent Management Center (iMC) before 7.3 (E0705P07). The issue is a soapConfigContent expression language injection that allows remote code execution via the soapConfigContent.xhtml endpoint, manipulating the beanName parameter. Documented exploitation context incl...

CVSS 9 | AI score 9 | EPSS 0.01335
Exploits: 0 | References: 1 | Affected Software: 1
Circl
added 2020/06/01 8:55 p.m. | 3 views

CVE-2014-7174

| creationtimestamp | type | source |
|---|---|---|
| 2020-06-01 20:55:40+00:00 | seen | https://t.me/cibsecurity/12480... |

CVSS 5.3 | AI score 6.8 | EPSS 0.00147
Exploits: 1 | References: 1
CVE
added 2020/06/01 4:42 p.m. | 80 views

CVE-2014-7174

CVE-2014-7174 affects FarLinX X25 Gateway; a directory traversal vulnerability exists in the log-handling feature, enabling access to restricted paths. Reported for versions up to 2014-09-25. CVE details show a network-accessible issue with medium overall impact (C/L, I/N, A/N per CVSSv2/v3.1). C...

CVSS 5.3 | AI score 6.3 | EPSS 0.00147
Exploits: 1 | References: 1 | Affected Software: 1
Prion
added 2020/04/07 2:15 p.m. | 8 views

Stack overflow

An issue was discovered on Samsung mobile devices with software through 2016-09-13 Exynos AP chipsets. There is a stack-based buffer overflow in the OTP TrustZone trustlet. The Samsung IDs are SVE-2016-7173 and SVE-2016-7174 December 2016...

CVSS 7.5 | AI score 7.8 | EPSS 0.00159
Exploits: 0 | References: 1