37 matches found
EUVD-2022-43359
Malicious code in bioql PyPI...
EUVD-2022-43361
Malicious code in bioql PyPI...
EUVD-2022-43360
Malicious code in bioql PyPI...
EUVD-2022-43358
Malicious code in bioql PyPI...
CVE-2022-40034
Cross-Site Scripting (XSS) vulnerability found in Rawchen blog-ssm v1.0 allows attackers to execute arbitrary code via the 'notifyInfo' parameter...
CVE-2022-40035
File Upload Vulnerability found in Rawchen Blog-ssm v1.0 allowing attackers to execute arbitrary commands and gain escalated privileges via the /uploadFileList component...
CVE-2022-40036
An issue discovered in Rawchen blog-ssm v1.0 allows an attacker to obtain sensitive user information by bypassing permission checks via the /adminGetUserList component...
CVE-2022-40037
An issue discovered in Rawchen blog-ssm v1.0 allows a remote attacker to escalate privileges and execute arbitrary commands via the component /upFile...
CVE-2022-40037
An issue discovered in Rawchen blog-ssm v1.0 allows a remote attacker to escalate privileges and execute arbitrary commands via the component /upFile...
CVE-2022-40037
An issue discovered in Rawchen blog-ssm v1.0 allows a remote attacker to escalate privileges and execute arbitrary commands via the component /upFile...
CVE-2022-40035
File Upload Vulnerability found in Rawchen Blog-ssm v1.0 allowing attackers to execute arbitrary commands and gain escalated privileges via the /uploadFileList component...
CVE-2022-40035
File Upload Vulnerability found in Rawchen Blog-ssm v1.0 allowing attackers to execute arbitrary commands and gain escalated privileges via the /uploadFileList component...
Command injection
An issue discovered in Rawchen blog-ssm v1.0 allows a remote attacker to escalate privileges and execute arbitrary commands via the component /upFile...
Unrestricted file upload
File Upload Vulnerability found in Rawchen Blog-ssm v1.0 allowing attackers to execute arbitrary commands and gain escalated privileges via the /uploadFileList component...
Design/Logic Flaw
An issue discovered in Rawchen blog-ssm v1.0 allows an attacker to obtain sensitive user information by bypassing permission checks via the /adminGetUserList component...
Rawchen blog-ssm code issue vulnerability
blog-ssm is a JavaWeb-based blog project by the individual developer Rawchen in China. A security vulnerability exists in Rawchen blog-ssm v1.0 that could allow a remote attacker to elevate privileges and execute arbitrary commands via the component /upFile...
Rawchen blog-ssm security vulnerability
blog-ssm is a JavaWeb-based blog project by the individual developer Rawchen in China. A security vulnerability exists in Rawchen blog-ssm v1.0, which originated from a vulnerability that allows attackers to bypass privilege checks and obtain sensitive user information via the /adminGetUserList...
blog-ssm code issue vulnerability
blog-ssm is a JavaWeb-based blogging project by the individual developer Rawchen in China. A security vulnerability exists in Rawchen blog-ssm v1.0, which stems from a file upload vulnerability that can be exploited by an attacker to execute arbitrary commands and gain privilege escalation via th...
CVE-2022-40035
Rawchen Blog-ssm v1.0 is affected by a File Upload vulnerability in the /uploadFileList endpoint that allows arbitrary command execution and privilege escalation. The CVE describes the vulnerability but provides no remediation details or patched version within the supplied documents. No exploitat...
CVE-2022-40035
File Upload Vulnerability found in Rawchen Blog-ssm v1.0 allowing attackers to execute arbitrary commands and gain escalated privileges via the /uploadFileList component...