28 matches found
CVE-2025-56423
An issue in Austrian Academy of Sciences AW Austrian Archaeological Institute OpenAtlas v.8.12.0 allows a remote attacker to obtain sensitive information via the login error messages...
CVE-2025-60915
An issue in the size query parameter /views/file.py of Austrian Archaeological Institute Openatlas before v8.12.0 allows attackers to execute a path traversal via a crafted request...
EUVD-2025-198803
An issue in Austrian Academy of Sciences AW Austrian Archaeological Institute OpenAtlas v.8.12.0 allows a remote attacker to obtain sensitive information via the login error messages...
EUVD-2025-198802
Incorrect access control in Austrian Archaeological Institute Openatlas before v8.12.0 allows attackers to access sensitive information via sending a crafted GET request to the /displaylogo endpoint...
CVE-2025-56423
An issue in Austrian Academy of Sciences AW Austrian Archaeological Institute OpenAtlas v.8.12.0 allows a remote attacker to obtain sensitive information via the login error messages...
PT-2025-47928
Incorrect access control in Austrian Archaeological Institute Openatlas before v8.12.0 allows attackers to access sensitive information via sending a crafted GET request to the /display logo endpoint...
CVE-2025-60916
A reflected cross-site scripting XSS vulnerability in the /overview/network/ endpoint of Austrian Archaeological Institute Openatlas before v8.12.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload into the charge parameter...
EUVD-2025-23504
Malicious code in bioql PyPI...
EUVD-2025-23512
Malicious code in bioql PyPI...
EUVD-2025-23513
Malicious code in bioql PyPI...
CVE-2025-51534
A cross-site scripting XSS vulnerability in Austrian Archaeological Institute AI OpenAtlas v8.11.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name field...
CVE-2025-51536
Austrian Archaeological Institute AI OpenAtlas v8.11.0 as discovered to contain a hardcoded Administrator password...
CVE-2025-51535
Austrian Archaeological Institute AI OpenAtlas v8.11.0 as discovered to contain a SQL injection vulnerability...
CVE-2025-51535
Austrian Archaeological Institute AI OpenAtlas v8.11.0 as discovered to contain a SQL injection vulnerability...
CVE-2025-51536
Austrian Archaeological Institute AI OpenAtlas v8.11.0 as discovered to contain a hardcoded Administrator password...
CVE-2025-51535
Austrian Archaeological Institute AI OpenAtlas v8.11.0 as discovered to contain a SQL injection vulnerability...
CVE-2025-51534
A cross-site scripting XSS vulnerability in Austrian Archaeological Institute AI OpenAtlas v8.11.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name field...
PT-2025-31819 · Openatlas · Openatlas
Name of the Vulnerable Software and Affected Versions: OpenAtlas version 8.11.0 Description: OpenAtlas v8.11.0 contains a hardcoded Administrator password. Recommendations: Change the hardcoded Administrator password...
CVE-2025-51534
OpenAtlas v8.11.0 from Austrian Archaeological Institute is affected by a cross-site scripting (XSS) issue that allows injecting a crafted payload into the Name field to execute arbitrary web scripts/HTML. CVSS v3.1 base score 8.1 (HIGH) with NETWORK attack vector, low attack complexity, user int...
CVE-2025-51534
A cross-site scripting XSS vulnerability in Austrian Archaeological Institute AI OpenAtlas v8.11.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name field...