19 matches found
EUVD-2024-27670
Malicious code in bioql PyPI...
EUVD-2024-27672
Malicious code in bioql PyPI...
EUVD-2024-27671
Malicious code in bioql PyPI...
EUVD-2024-27669
Malicious code in bioql PyPI...
EUVD-2024-27667
Malicious code in bioql PyPI...
EUVD-2024-27673
Malicious code in bioql PyPI...
CVE-2024-2726
Stored Cross-Site Scripting Stored-XSS vulnerability affecting the CIGESv2 system, allowing an attacker to execute and store malicious javascript code in the application form without prior registration...
CVE-2024-2728
Information exposure vulnerability in the CIGESv2 system. This vulnerability could allow a local attacker to intercept traffic due to the lack of proper implementation of the TLS protocol...
CVE-2024-2723
SQL injection vulnerability in the CIGESv2 system, through /ajaxSubServicios.php, in the 'idServicio' parameter. The exploitation of this vulnerability could allow a remote user to retrieve all data stored in the database by sending a specially crafted SQL query...
CVE-2024-2722
SQL injection vulnerability in the CIGESv2 system, through /ajaxConfigTotem.php, in the 'id' parameter. The exploitation of this vulnerability could allow a remote user to retrieve all data stored in the database by sending a specially crafted SQL query...
CVE-2024-2722
SQL injection vulnerability in the CIGESv2 system, through /ajaxConfigTotem.php, in the 'id' parameter. The exploitation of this vulnerability could allow a remote user to retrieve all data stored in the database by sending a specially crafted SQL query...
CVE-2024-2727 Stored Cross-Site Scripting (Stored-XSS) vulnerability in the CIGESv2 system
HTML injection vulnerability affecting the CIGESv2 system, which allows an attacker to inject arbitrary code and modify elements of the website and email confirmation message...
CVE-2024-2726 Stored Cross-Site Scripting (Stored-XSS) vulnerability in the CIGESv2 system
Stored Cross-Site Scripting Stored-XSS vulnerability affecting the CIGESv2 system, allowing an attacker to execute and store malicious javascript code in the application form without prior registration...
CVE-2024-2726 Stored Cross-Site Scripting (Stored-XSS) vulnerability in the CIGESv2 system
Stored Cross-Site Scripting Stored-XSS vulnerability affecting the CIGESv2 system, allowing an attacker to execute and store malicious javascript code in the application form without prior registration...
CVE-2024-2723 SQL injection vulnerability in the CIGESv2 system
SQL injection vulnerability in the CIGESv2 system, through /ajaxSubServicios.php, in the 'idServicio' parameter. The exploitation of this vulnerability could allow a remote user to retrieve all data stored in the database by sending a specially crafted SQL query...
CIGESv2 信息泄露漏洞
CIGESv2 is a queue and reservation management system from CIGESv2. CIGESv2 suffers from an information disclosure vulnerability that stems from the lack of a proper implementation of the TLS protocol, allowing a local attacker to intercept traffic...
PT-2024-21784 · Cigesv2 · Cigesv2
Name of the Vulnerable Software and Affected Versions: CIGESv2 system affected versions not specified Description: The issue allows an attacker to inject arbitrary code and modify elements of the website and email confirmation message. This is due to an HTML injection vulnerability affecting the...
PT-2024-21790 · Cigesv2 · Cigesv2
Name of the Vulnerable Software and Affected Versions: CIGESv2 system affected versions not specified Description: The issue is related to an information exposure vulnerability in the CIGESv2 system. This could allow a local attacker to intercept traffic due to the lack of proper implementation o...
PT-2024-21777 · Cigesv2 · Cigesv2
Name of the Vulnerable Software and Affected Versions: CIGESv2 system affected versions not specified Description: The issue is a Stored Cross-Site Scripting Stored-XSS vulnerability affecting the CIGESv2 system. This allows an attacker to execute and store malicious javascript code in the...