37 matches found
EUVD-2017-14345
Malware in sbrugna...
EUVD-2017-14341
Malware in sbrugna...
EUVD-2017-14338
Malware in sbrugna...
EUVD-2025-15823
Malicious code in bioql PyPI...
EUVD-2025-31102
Malicious code in bioql PyPI...
CVE-2025-11195
Rapid7 AppSpider Pro versions below 7.5.021 suffer from a project name validation vulnerability, whereby an attacker can change the project name directly in the configuration file to a name that already exists. This issue stems from a lack of effective verification of the uniqueness of project...
CVE-2025-11195
Rapid7 AppSpider Pro versions below 7.5.021 suffer from a project name validation vulnerability, whereby an attacker can change the project name directly in the configuration file to a name that already exists. This issue stems from a lack of effective verification of the uniqueness of project...
CVE-2025-11195
Rapid7 AppSpider Pro versions below 7.5.021 suffer from a project name validation vulnerability, whereby an attacker can change the project name directly in the configuration file to a name that already exists. This issue stems from a lack of effective verification of the uniqueness of project...
CVE-2025-11195
Rapid7 AppSpider Pro versions below 7.5.021 are affected by a project name validation bypass. The issue arises from insufficient verification of project name uniqueness when editing the configuration file outside the application, allowing an attacker to set a project name to one that already exis...
CVE-2025-11195 Rapid7 AppSpider Project Name Validation Bypass
Rapid7 AppSpider Pro versions below 7.5.021 suffer from a project name validation vulnerability, whereby an attacker can change the project name directly in the configuration file to a name that already exists. This issue stems from a lack of effective verification of the uniqueness of project...
Rapid7 AppSpider Pro 数据伪造问题漏洞
Rapid7 AppSpider Pro is a dynamic application security testing solution from Rapid7, Inc. that allows you to scan Web and mobile applications for vulnerabilities. A data forgery issue vulnerability exists in Rapid7 AppSpider Pro versions prior to 7.5.021, which stems from insufficient project nam...
PT-2025-40014
Name of the Vulnerable Software and Affected Versions Rapid7 AppSpider Pro versions prior to 7.5.021 Description Rapid7 AppSpider Pro versions below 7.5.021 have a project name validation issue. An attacker can modify the project name directly in the configuration file to a name that already exis...
CVE-2025-36857
Rapid7 Appspider Pro versions below 7.5.021, suffer from a broken access control vulnerability in the application's configuration file loading mechanism, whereby an attacker can place files in directories belonging to other users or projects. Affected versions allow standard users to add custom...
CVE-2025-36857
CVE-2025-36857 — Rapid7 Appspider Pro versions prior to 7.5.021 suffer a broken access control in the configuration file loading mechanism. The issue allows a standard user to place custom configuration files in other users’ or projects’ directories, and since files are loaded in alphabetical ord...
PT-2025-39395
Name of the Vulnerable Software and Affected Versions Rapid7 Appspider Pro versions prior to 7.5.021 Description The application has a broken access control issue in how it loads configuration files. Standard users can add custom configuration files, which are loaded alphabetically and can overri...
CVE-2025-4951
Editions of Rapid7 AppSpider Pro before version 7.5.018 is vulnerable to a stored cross-site scripting vulnerability in the "ScanName" field. Despite the application preventing the inclusion of special characters within the "ScanName" field, this could be bypassed by modifying the configuration...
CVE-2025-4951
Editions of Rapid7 AppSpider Pro before version 7.5.018 is vulnerable to a stored cross-site scripting vulnerability in the "ScanName" field. Despite the application preventing the inclusion of special characters within the "ScanName" field, this could be bypassed by modifying the configuration...
CVE-2025-4951
Editions of Rapid7 AppSpider Pro before version 7.5.018 is vulnerable to a stored cross-site scripting vulnerability in the "ScanName" field. Despite the application preventing the inclusion of special characters within the "ScanName" field, this could be bypassed by modifying the configuration...
CVE-2025-4951
Editions of Rapid7 AppSpider Pro before version 7.5.018 is vulnerable to a stored cross-site scripting vulnerability in the "ScanName" field. Despite the application preventing the inclusion of special characters within the "ScanName" field, this could be bypassed by modifying the configuration...
CVE-2025-4951
CVE-2025-4951 affects Rapid7 AppSpider Pro prior to version 7.5.018. A stored cross-site scripting vulnerability exists in the ScanName field; the app prevents special characters but this can be bypassed by directly modifying the configuration file. Impact described: stored XSS risk in ScanName w...