CVE-2025-14197

A security vulnerability has been detected in Verysync 微力同步 up to 2.21.3. The impacted element is an unknown function of the file /rest/f/api/resources/f96956469e7be39d of the component Web Administration Module. Such manipulation leads to information disclosure. The attack can be executed...

PT-2025-49412

Name of the Vulnerable Software and Affected Versions Verysync versions up to 2.21.3 Description A flaw exists in Verysync that allows for unrestricted file upload. This impacts an unknown function within the Web Administration Module, specifically related to the file...

Verysync 访问控制错误漏洞

Verysync is a private file synchronization and backup software from China-based Weili Synchronization Verysync. An access control error vulnerability exists in Verysync version 2.21.3, which stems from incorrect manipulation of the file /safebrowsing/clientreport/download?key=dummytoken in the...

Verysync 访问控制错误漏洞

Verysync is a private file synchronization and backup software from China-based Weili Synchronization Verysync. An access control error vulnerability exists in Verysync 2.21.3 and earlier versions, which stems from incorrect manipulation of the file /rest/f/api/resources/f96956469e7be39d in the...

Verysync 代码问题漏洞

Verysync is a private file synchronization and backup software from China-based Weili Synchronization Verysync. A code issue vulnerability exists in Verysync 2.21.3 and prior versions that originates from the file /rest/f/api/resources/f96956469e7be39d/tmp/text.txt?override=false in the component...

PT-2025-49410

A security vulnerability has been detected in Verysync 微力同步 up to 2.21.3. The impacted element is an unknown function of the file /rest/f/api/resources/f96956469e7be39d of the component Web Administration Module. Such manipulation leads to information disclosure. The attack can be executed...

CVE-2025-13782

Affects taosir WTCMS (SlideController component). The delete function in application/Admin/Controller/SlideController.class.php accepts an ids parameter and can be abused to perform SQL injection. This is exploitable remotely; public exploit is referenced. Affected versions are prior to 01a5f68a3...

EUVD-2000-0806

Malware in sbrugna...

EUVD-2019-7712

Malware in sbrugna...

EUVD-2019-7728

Malware in sbrugna...

EUVD-2019-7711

Malware in sbrugna...

EUVD-2019-7713

Malware in sbrugna...

EUVD-2014-9322

Malware in sbrugna...

EUVD-2014-7921

Malware in sbrugna...

EUVD-2022-2564

Malicious code in bioql PyPI...

EUVD-2022-44546

Malicious code in bioql PyPI...

Puppet Enterprise Administration Module（PEADM） 安全漏洞

Puppet Enterprise Administration Module PEADM is an open source Puppet module from Puppet that defines the Bolt program. It is used to automate Puppet Enterprise deployments. A security vulnerability exists in Puppet Enterprise Administration Module PEADM versions 2025.4.0 and 2025.5, which stems...

CVE-2019-17315

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP object injection in the Administration module by an Admin user...

CVE-2019-17300

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Administration module by a Developer user...

CVE-2019-17299

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Administration module by an Admin user...