25 matches found
EUVD-2025-10934
Malicious code in bioql PyPI...
EUVD-2025-10933
Malicious code in bioql PyPI...
CVE-2025-3579
In versions prior to Aidex 1.7, an authenticated malicious user, taking advantage of an open registry, could execute unauthorised commands within the system. This includes executing operating system Unix commands, interacting with internal services such as PHP or MySQL, and even invoking native...
CVE-2025-3578
A malicious, authenticated user in Aidex, versions prior to 1.7, could list credentials of other users, create or modify existing users in the application, list credentials of users in production or development environments. In addition, it would be possible to cause bugs that would result in the...
CVE-2025-3579
In versions prior to Aidex 1.7, an authenticated malicious user, taking advantage of an open registry, could execute unauthorised commands within the system. This includes executing operating system Unix commands, interacting with internal services such as PHP or MySQL, and even invoking native...
CVE-2025-3578
A malicious, authenticated user in Aidex, versions prior to 1.7, could list credentials of other users, create or modify existing users in the application, list credentials of users in production or development environments. In addition, it would be possible to cause bugs that would result in the...
CVE-2025-3579
Aidex CVE-2025-3579 affects versions prior to 1.7. The issue is a prompt-injection vulnerability in the /api//message endpoint where the content parameter can be manipulated by an authenticated user with access to an open registry, enabling execution of OS commands (Unix), interaction with intern...
CVE-2025-3579 Code Injection Vulnerability in AiDex
In versions prior to Aidex 1.7, an authenticated malicious user, taking advantage of an open registry, could execute unauthorised commands within the system. This includes executing operating system Unix commands, interacting with internal services such as PHP or MySQL, and even invoking native...
CVE-2025-3578
The CVE-2025-3578 vulnerability in Aidex affects versions prior to 1.7 and can be exploited by an authenticated user to list credentials of other users, create or modify users, and disclose sensitive information from production/development environments. It enables exfiltration of details about th...
CVE-2025-3578 Adversarial Input Handling Vulnerability in AiDex
A malicious, authenticated user in Aidex, versions prior to 1.7, could list credentials of other users, create or modify existing users in the application, list credentials of users in production or development environments. In addition, it would be possible to cause bugs that would result in the...
CVE-2025-3578 Adversarial Input Handling Vulnerability in AiDex
A malicious, authenticated user in Aidex, versions prior to 1.7, could list credentials of other users, create or modify existing users in the application, list credentials of users in production or development environments. In addition, it would be possible to cause bugs that would result in the...
PT-2025-16308 · Laravel +4 · Laravel +4
Name of the Vulnerable Software and Affected Versions: Aidex versions prior to 1.7 Description: The issue allows an authenticated malicious user to execute unauthorized commands within the system by exploiting an open registry. This can include executing operating system commands, interacting wit...
AiDex 安全漏洞
AiDex is an artificial intelligence chatbot from AiDex. A security vulnerability exists in Aidex versions prior to 1.7, which stems from improper handling of the content parameter in the /api//message endpoint, which could lead to credential disclosure and sensitive information leakage...
Aidex 代码注入漏洞
AiDex is an artificial intelligence chatbot from AiDex. A code injection vulnerability exists in Aidex versions prior to 1.7, which stems from improper handling of the content parameter in the /api//message endpoint, which could lead to a command execution attack...
AIDeX Mini-WebServer <= 1.1 - Remote Denial of Service Crash Exploit
No description provided by source. import socket print --------------------------------------------------------------------- print AID'eX Mini-Webserver Verion 1.1 early Release 3 Denial of Service print url: http://www.aidex.de/software/webserver/ print author: shinnai print mail:...
AIDeX Mini-Webserver 1.4 Cross Site Scripting
Exploit Title: AIDeX Mini-Webserver 1.4 integrated Chat Javascript Injection Vulnerability Autor: wingthor Author-Email:[email protected] Author-Website german:http://www.wingthor.de Date: 30.12.10 Tool: AIDeX Mini-Webserver Version: 1.4...
CVE-2006-6855
AIDeX Mini-WebServer 1.1 early release 3 allows remote attackers to cause a denial of service daemon crash via a flood of HTTP GET requests, possibly related to display of HTTP log data by the GUI. NOTE: some of these details are obtained from third party information...
EUVD-2006-6838
AIDeX Mini-WebServer 1.1 early release 3 allows remote attackers to cause a denial of service daemon crash via a flood of HTTP GET requests, possibly related to display of HTTP log data by the GUI. NOTE: some of these details are obtained from third party information...
CVE-2006-6855
AIDeX Mini-WebServer 1.1 early release 3 is affected by a remote denial-of-service vulnerability: a flood of HTTP GET requests can crash the daemon, possibly tied to the GUI’s HTTP log data display. Root cause details are not provided, and no patch/mitigation is specified in the available documen...
CVE-2006-6855
AIDeX Mini-WebServer 1.1 early release 3 allows remote attackers to cause a denial of service daemon crash via a flood of HTTP GET requests, possibly related to display of HTTP log data by the GUI. NOTE: some of these details are obtained from third party information...