185 matches found
EUVD-2023-57718
Malicious code in bioql PyPI...
EUVD-2025-30402
Malicious code in bioql PyPI...
EUVD-2022-39077
Malicious code in bioql PyPI...
EUVD-2025-28368
Malicious code in bioql PyPI...
EUVD-2024-54173
Malicious code in bioql PyPI...
EUVD-2025-25186
Malicious code in bioql PyPI...
CVE-2025-11096
A flaw has been found in D-Link DIR-823X 250416. This issue affects some unknown processing of the file /goform/diagtraceroute. Executing manipulation of the argument targetaddr can lead to command injection. The attack can be executed remotely. The exploit has been published and may be used...
CVE-2025-10787 MuYuCMS Add Fiend Link index.html server-side request forgery
A vulnerability was found in MuYuCMS up to 2.7. Impacted is an unknown function of the file /index/index.html of the component Add Fiend Link Handler. Performing manipulation of the argument Link URL results in server-side request forgery. The attack may be initiated remotely. The exploit has bee...
CVE-2025-10760 Harness lookup_repo.go LookupRepo server-side request forgery
A flaw has been found in Harness 3.3.0. This impacts the function LookupRepo of the file app/api/controller/gitspace/lookuprepo.go. Executing manipulation of the argument url can lead to server-side request forgery. The attack may be launched remotely. The exploit has been published and may be...
CVE-2025-10760
Harness 3.3.0 is affected by a flaw in the LookupRepo function (app/api/controller/gitspace/lookup_repo.go) where manipulating the url argument can trigger server-side request forgery. The vulnerability is exploitable remotely, and published PoCs exist; vendor did not respond to disclosure per mu...
CVE-2025-10471
A vulnerability was detected in ZKEACMS 4.3. Impacted is the function Proxy of the file src/ZKEACMS/Controllers/MediaController.cs. Performing manipulation of the argument url results in server-side request forgery. It is possible to initiate the attack remotely. The exploit is now public and may...
PT-2025-37724
Name of the Vulnerable Software and Affected Versions: ZKEACMS version 4.3 Description: A vulnerability exists in ZKEACMS that allows for server-side request forgery. The issue is located in the Proxy function within the src/ZKEACMS/Controllers/MediaController.cs file. Manipulation of the url...
CVE-2025-9782
A vulnerability was found in TOTOLINK A702R 4.0.0-B20211108.1423. This vulnerability affects the function sub4466F8 of the file /boafrm/formOneKeyAccessButton. Performing manipulation of the argument submit-url results in buffer overflow. The attack may be initiated remotely. The exploit has been...
CVE-2025-9781
A vulnerability has been found in TOTOLINK A702R 4.0.0-B20211108.1423. This affects the function sub4162DC of the file /boafrm/formFilter. Such manipulation of the argument ip6addr leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may ...
CVE-2025-9438
A security flaw has been discovered in 1000projects Online Project Report Submission and Evaluation System 1.0. Affected is an unknown function of the file /admin/addstudent.php. The manipulation of the argument address results in cross site scripting. The attack can be executed remotely. The...
Linux Distros Unpatched Vulnerability : CVE-2023-2620
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.1 prior to 15.11.10, all versions from 16.0 prior to 16.0.6, all versions...
PT-2025-35174
Name of the Vulnerable Software and Affected Versions: Tenda AC21 version 16.03.08.16 Tenda AC23 version 16.03.08.16 Description: A stack-based buffer overflow vulnerability exists in the GetParentControlInfo function of the /goform/GetParentControlInfo file in Tenda AC21 and AC23 routers...
Vvveb 访问控制错误漏洞
Vvveb is a powerful and easy-to-use CMS from Givan Individual Developers for building websites, blogs or e-commerce stores. An access control error vulnerability exists in Vvveb version 1.0.5 and earlier, which stems from incorrect manipulation of the parameter url leading to information disclosu...
CVE-2025-7153
A vulnerability classified as problematic was found in CodeAstro Simple Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /doctor.html of the component POST Parameter Handler. The manipulation of the argument First Name/Last name/Address leads ...
CVE-2024-5374
A vulnerability, which was classified as problematic, was found in Kashipara College Management System 1.0. Affected is an unknown function of the file submitnewfaculty.php. The manipulation of the argument address leads to cross site scripting. It is possible to launch the attack remotely. The...