Lucene search
K

25 matches found

RedhatCVE
RedhatCVE
added 2026/05/04 8:21 p.m.5 views

CVE-2026-7678

A vulnerability was identified in YunaiV yudao-cloud up to 2026.01. This affects the function getDataBySQL of the file yudao-module-report-biz/src/main/java/io/github/ruoyi/report/service/impl/GoViewDataServiceImpl.java. Such manipulation leads to sql injection. It is possible to launch the attac...

6.5CVSS6.4AI score0.00196EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/03 4:0 a.m.4 views

CVE-2026-7678 YunaiV yudao-cloud GoViewDataServiceImpl.java getDataBySQL sql injection

A vulnerability was identified in YunaiV yudao-cloud up to 2026.01. This affects the function getDataBySQL of the file yudao-module-report-biz/src/main/java/io/github/ruoyi/report/service/impl/GoViewDataServiceImpl.java. Such manipulation leads to sql injection. It is possible to launch the attac...

6.5CVSS6.4AI score0.00196EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/03 4:0 a.m.51 views

CVE-2026-7678 YunaiV yudao-cloud GoViewDataServiceImpl.java getDataBySQL sql injection

A vulnerability was identified in YunaiV yudao-cloud up to 2026.01. This affects the function getDataBySQL of the file yudao-module-report-biz/src/main/java/io/github/ruoyi/report/service/impl/GoViewDataServiceImpl.java. Such manipulation leads to sql injection. It is possible to launch the attac...

6.5CVSS0.00196EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-7678

Malware in sbrugna...

7.8CVSS7.6AI score0.00437EPSS
Exploits0References3
OSV
OSV
added 2025/08/14 6:52 p.m.1 views

MAL-2025-7678 Malicious code in @crabas0npm2/nam-totam-vero (npm)

The package @crabas0npm2/nam-totam-vero was found to contain malicious code...

7.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 9:49 a.m.5 views

CVE-2024-7678

A vulnerability was found in SourceCodester Car Driving School Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /classes/Master.php?f=savepackage. The manipulation of the argument name/description/trainingduration leads to...

6.1CVSS6AI score0.00426EPSS
Exploits1References1
Circl
Circl
added 2024/08/12 3:56 p.m.5 views

CVE-2024-7678

creationtimestamp| type| source ---|---|--- 2024-08-12 15:56:16+00:00| seen| https://t.me/cvedetector/2831...

6.1CVSS4.4AI score0.00426EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/08/11 12:31 p.m.42 views

CVE-2024-7678 SourceCodester Car Driving School Management System Master.php cross site scripting

A vulnerability was found in SourceCodester Car Driving School Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /classes/Master.php?f=savepackage. The manipulation of the argument name/description/trainingduration leads to...

5.3CVSS0.00426EPSS
Exploits1References4
CVE
CVE
added 2024/08/11 12:31 p.m.60 views

CVE-2024-7678

CVE-2024-7678 pertains to SourceCodester Car Driving School Management System 1.0. A cross-site scripting vulnerability resides in the public function at /classes/Master.php?f=save_package, triggered by manipulating the name/description/training_duration parameters. The issue is exploitable remot...

6.1CVSS3.8AI score0.00426EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2024/06/06 12:24 p.m.3 views

CGA-7JCQ-MWG3-7678

Bulletin has no description...

7.2AI score
Exploits0
vulnersOsv
vulnersOsv
added 2022/07/26 12:1 a.m.5 views

@csn_chile/fuelgauge (=1.0.1), @csn_chile/ol_ws (=1.0.0) +8 more potentially affected by CVE-2020-7678 via node-import (>=0.1.9 <=0.9.2)

node-import NPM version =0.1.9, =1.0.0, =1.0.0, =0.0.2, =0.1.2, =1.1.2, =1.1.1, =1.4.2 Source cves: CVE-2020-7678 Source advisory: OSV:GHSA-PC62-CQ5X-3J5G...

9.8CVSS7.2AI score0.00934EPSS
Exploits1
NVD
NVD
added 2022/07/25 2:15 p.m.29 views

CVE-2020-7678

This affects all versions of package node-import. The "params" argument of module function can be controlled by users without any sanitization.b. This is then provided to the “eval” function located in line 79 in the index file "index.js"...

9.8CVSS0.00934EPSS
Exploits1References2
CVE
CVE
added 2022/07/25 2:7 p.m.39 views

CVE-2020-7678

node-import is vulnerable to Arbitrary Code Execution: the params argument can be provided by users without sanitization and is passed to eval in index.js (line 79), affecting all versions. A PoC exists demonstrating code execution, and no fixed version is available. Practical remediation is to r...

9.8CVSS9.2AI score0.00934EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/07/25 2:7 p.m.34 views

CVE-2020-7678 Arbitrary Code Execution

This affects all versions of package node-import. The "params" argument of module function can be controlled by users without any sanitization.b. This is then provided to the “eval” function located in line 79 in the index file "index.js"...

8.6CVSS9.5AI score0.00934EPSS
Exploits1References2
vulnersOsv
vulnersOsv
added 2020/06/15 3:44 p.m.5 views

@csn_chile/fuelgauge (=1.0.1), @csn_chile/ol_ws (=1.0.0) +8 more potentially affected by CVE-2020-7678 via node-import (>=0.1.9 <=0.9.2)

node-import NPM version =0.1.9, =1.0.0, =1.0.0, =0.0.2, =0.1.2, =1.1.2, =1.1.1, =1.4.2 Source cves: CVE-2020-7678 Source advisory: SNYK:JS-NODEIMPORT-571691...

9.8CVSS7.2AI score0.00934EPSS
Exploits1
Cvelist
Cvelist
added 2019/02/09 10:0 p.m.20 views

CVE-2019-7678

A directory traversal vulnerability was discovered in Enphase Envoy R3.. via images/, include/, include/js, or include/css on TCP port 8888...

9.5AI score0.02486EPSS
Exploits0References2
CVE
CVE
added 2019/02/09 10:0 p.m.51 views

CVE-2019-7678

CVE-2019-7678 is a directory traversal vulnerability in Enphase Envoy R3.. exposed on TCP port 8888 via paths images/, include/, include/js, and include/css. The connected records corroborate this as a vulnerability affecting Enphase Envoy R3.. with CVSS v2 base 7.5 (PARTIAL confidentiality/integ...

9.8CVSS9.4AI score0.02486EPSS
Exploits0References2Affected Software1
vulnersOsv
vulnersOsv
added 2018/11/09 5:43 p.m.11 views

ae.teletronics.nlp:entityextraction (=1.3), ae.teletronics.nlp:w2vec (=1.0) +652 more potentially affected by CVE-2017-7678 via org.apache.spark:spark-core_2.11 (>=1.2.0 <=2.1.3)

org.apache.spark:spark-core2.11 MAVEN version =1.2.0, =2.0.0, =2.0.0, =2.0.0, =2.0.18, =2.0.0, =1.0.0, =0.5.2, =1.0, =2.11-2.1.1-2.2.0, =4.2.0, =5.1.0, =5.1.2 and more Source cves: CVE-2017-7678 Source advisory: OSV:GHSA-R34R-F84J-5X4X...

6.1CVSS6.3AI score0.0338EPSS
Exploits0
Cvelist
Cvelist
added 2018/03/14 3:0 p.m.20 views

CVE-2018-7678 XSS vulnerability in NetIQ Access Manager (NAM) Admin Console component

A cross site scripting vulnerability exist in the Administration Console in NetIQ Access Manager NAM 4.3 and 4.4...

3.5CVSS4.9AI score0.0062EPSS
Exploits0References2
CVE
CVE
added 2018/03/14 3:0 p.m.44 views

CVE-2018-7678

CVE-2018-7678 is a cross-site scripting vulnerability in the Administration Console of NetIQ Access Manager (NAM) affecting NAM versions 4.3 and 4.4. The issue stems from improper input filtering in the Administration Console, enabling a remote attacker to execute arbitrary browser code. Supporte...

4.8CVSS4.3AI score0.0062EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder