23 matches found
CVE-2026-2105
A flaw has been found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. The affected element is the function addDept/updateDept/deleteDept of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\DeptController.java of the component Department Management...
CVE-2026-2105
A flaw has been found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. The affected element is the function addDept/updateDept/deleteDept of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\DeptController.java of the component Department Management...
EUVD-2026-5722
A flaw has been found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. The affected element is the function addDept/updateDept/deleteDept of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\DeptController.java of the component Department Management...
warehouse 授权问题漏洞
Warehouse is a small-scale warehouse logistics management system developed by Yeqifu’s individual developer, based on Spring Boot. There are authorization issues in Warehouse; these issues stem from incorrect operations in the Department Management component, specifically in the file...
EUVD-2025-29268
Malicious code in bioql PyPI...
EUVD-2025-31431
Malicious code in bioql PyPI...
EUVD-2025-6462
Malicious code in bioql PyPI...
CVE-2025-11069
A vulnerability was determined in westboy CicadasCMS 1.0. Affected by this issue is some unknown functionality of the file /system/org/save of the component Add Department Handler. This manipulation of the argument Name causes cross site scripting. The attack is possible to be carried out remotel...
CVE-2025-11069
A vulnerability was determined in westboy CicadasCMS 1.0. Affected by this issue is some unknown functionality of the file /system/org/save of the component Add Department Handler. This manipulation of the argument Name causes cross site scripting. The attack is possible to be carried out remotel...
CVE-2025-11069
A vulnerability was determined in westboy CicadasCMS 1.0. Affected by this issue is some unknown functionality of the file /system/org/save of the component Add Department Handler. This manipulation of the argument Name causes cross site scripting. The attack is possible to be carried out remotel...
CVE-2025-11069
CVE-2025-11069 (westboy CicadasCMS 1.0) affects the Add Department Handler: the vulnerability arises from manipulating the Name argument in the file /system/org/save, enabling cross-site scripting. The issue is exploitable remotely and, per multiple sources, the exploit has been publicly disclose...
CVE-2025-11069 westboy CicadasCMS Add Department save cross site scripting
A vulnerability was determined in westboy CicadasCMS 1.0. Affected by this issue is some unknown functionality of the file /system/org/save of the component Add Department Handler. This manipulation of the argument Name causes cross site scripting. The attack is possible to be carried out remotel...
CVE-2025-11069 westboy CicadasCMS Add Department save cross site scripting
A vulnerability was determined in westboy CicadasCMS 1.0. Affected by this issue is some unknown functionality of the file /system/org/save of the component Add Department Handler. This manipulation of the argument Name causes cross site scripting. The attack is possible to be carried out remotel...
CicadasCMS 代码注入漏洞
CicadasCMS is a content management framework based on SpringBoot Mybatis SpringSecurity Vue developed by westboy individual developer in China. A code injection vulnerability exists in CicadasCMS version 1.0, which originates from the incorrect operation of the parameter Name by the component Add...
CVE-2025-57117
A Clickjacking vulnerability exists in Rems' Employee Management System 1.0. This flaw allows remote attackers to execute arbitrary JavaScript on the department.php page by injecting a malicious payload into the Department Name field under Add Department...
CVE-2025-57117
A Clickjacking vulnerability exists in Rems' Employee Management System 1.0. This flaw allows remote attackers to execute arbitrary JavaScript on the department.php page by injecting a malicious payload into the Department Name field under Add Department...
CVE-2025-57117
A Clickjacking vulnerability exists in Rems' Employee Management System 1.0. This flaw allows remote attackers to execute arbitrary JavaScript on the department.php page by injecting a malicious payload into the Department Name field under Add Department...
CVE-2025-57117
An analysis of CVE-2025-57117, with multiple connected sources, confirms a Clickjacking vulnerability in Rems’ Employee Management System v1.0. The issue resides in the department.php page where an attacker can inject a malicious payload via the Department Name field under Add Department to execu...
PT-2025-37768
Name of the Vulnerable Software and Affected Versions Rems' Employee Management System version 1.0 Description A Clickjacking issue exists that allows remote attackers to execute arbitrary JavaScript. The issue is present on the 'department.php' page and involves injecting a malicious payload int...
CVE-2025-2366
A vulnerability, which was classified as problematic, was found in gougucms 4.08.18. This affects the function add of the file /admin/department/add of the component Add Department Page. The manipulation of the argument title leads to cross site scripting. It is possible to initiate the attack...