CVE-2024-58279

appRain CMF 4.0.5 contains an authenticated remote code execution vulnerability that allows administrative users to upload malicious PHP files through the filemanager upload endpoint. Attackers can leverage authenticated access to generate a web shell with command execution capabilities by...

CVE-2024-58279

appRain CMF 4.0.5 contains an authenticated remote code execution vulnerability that allows administrative users to upload malicious PHP files through the filemanager upload endpoint. Attackers can leverage authenticated access to generate a web shell with command execution capabilities by...

CVE-2024-58279

appRain CMF 4.0.5 contains an authenticated remote code execution vulnerability that allows administrative users to upload malicious PHP files through the filemanager upload endpoint. Attackers can leverage authenticated access to generate a web shell with command execution capabilities by...

appRain CMF 代码问题漏洞

appRain CMF is a content management framework from appRain Canada. A code issue vulnerability exists in appRain CMF version 4.0.5 that originates from an authenticated user being able to upload a malicious PHP file via the file manager, which could lead to remote code execution...

EUVD-2011-5129

Malware in sbrugna...

EUVD-2011-5128

Malware in sbrugna...

EUVD-2013-5887

Malware in sbrugna...

EUVD-2025-26718

Malicious code in bioql PyPI...

EUVD-2025-26708

Malicious code in bioql PyPI...

EUVD-2025-26697

Malicious code in bioql PyPI...

EUVD-2025-26699

Malicious code in bioql PyPI...

EUVD-2025-26715

Malicious code in bioql PyPI...

appRain CMF cross-site scripting vulnerability (CNVD-2025-21131)

appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF, which is caused by improper validation of user input in the /apprain/information/manage/emailtemplate/add endpoint. An attacker could use this vulnerability to steal the victim's cookie-base...

appRain CMF cross-site scripting vulnerability (CNVD-2025-21111)

appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF, which is caused by improper validation of user input on the /apprain/developer/addons/update/960grid endpoint. An attacker could use this vulnerability to steal the victim's cookie-based...

appRain CMF cross-site scripting vulnerability (CNVD-2025-21126)

appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF due to improper validation of user input on the /apprain/developer/addons/update/uploadify endpoint. An attacker could use this vulnerability to steal the victim's cookie-based authentication...

appRain CMF cross-site scripting vulnerability (CNVD-2025-21113)

appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF due to improper validation of user input on the /apprain/developer/addons/update/admin endpoint. An attacker could use this vulnerability to steal the victim's cookie-based authentication...

appRain CMF SQL Injection Vulnerability (CNVD-2025-21108)

appRain CMF is a content management framework. appRain CMF suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the data%5BAdmin%5D%5Busername%5D parameter of /apprain/admin/manage/add. An attacker could use this vulnerability t...

appRain CMF cross-site scripting vulnerability (CNVD-2025-20911)

appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF due to improper validation of user-supplied input on the /apvain/admin/config/opts endpoint. The vulnerability can be exploited by an attacker to steal a victim's cookie-based authentication...

appRain CMF cross-site scripting vulnerability (CNVD-2025-21123)

appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF due to improper validation of user input in the /apprain/developer/addons/update/rowmanager endpoint. An attacker could use this vulnerability to steal the victim's cookie-based authenticatio...

appRain CMF cross-site scripting vulnerability (CNVD-2025-21110)

appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF, which is caused by improper validation of user input in /apprain/appreport/manage/endpoint. An attacker could use this vulnerability to steal the victim's cookie-based authentication...