24 matches found
EUVD-2024-52781
Malicious code in bioql PyPI...
EUVD-2024-52782
Malicious code in bioql PyPI...
EUVD-2024-52783
Malicious code in bioql PyPI...
CVE-2024-55507
An issue in CodeAstro Complaint Management System v.1.0 allows a remote attacker to escalate privileges via the deletee.php component...
CVE-2024-55505
An issue in CodeAstro Complaint Management System v.1.0 allows a remote attacker to escalate privileges via the mess-view.php component...
PT-2025-5882 · Codeastro · Codeastro Complaint Management System
Name of the Vulnerable Software and Affected Versions: CodeAstro Complaint Management System version 1.0 Description: The issue concerns incorrect access control in the endpoint "/admin/m delete.php" that allows unauthorized attackers to delete complaints arbitrarily by modifying the id parameter...
CVE-2024-56889
Incorrect access control in the endpoint /admin/mdelete.php of CodeAstro Complaint Management System v1.0 allows unauthorized attackers to arbitrarily delete complaints via modification of the id parameter...
CVE-2024-56889
CVE-2024-56889 affects CodeAstro Complaint Management System v1.0. The vulnerability is an Incorrect access control on the endpoint /admin/m_delete.php, allowing an unauthorized attacker to arbitrarily delete complaints by modifying the id parameter. The CVSS 3.1 base score is 7.5 (High) with Net...
CVE-2024-55507
An issue in CodeAstro Complaint Management System v.1.0 allows a remote attacker to escalate privileges via the deletee.php component...
CVE-2024-55507
An issue in CodeAstro Complaint Management System v.1.0 allows a remote attacker to escalate privileges via the deletee.php component...
CVE-2024-55507
An issue in CodeAstro Complaint Management System v.1.0 allows a remote attacker to escalate privileges via the deletee.php component...
PT-2025-3123 · Codeastro · Codeastro Complaint Management System
Name of the Vulnerable Software and Affected Versions: CodeAstro Complaint Management System version 1.0 Description: The issue allows a remote attacker to escalate privileges via the delete e.php component. Recommendations: For CodeAstro Complaint Management System version 1.0, consider disablin...
CVE-2024-55507
An issue in CodeAstro Complaint Management System v.1.0 allows a remote attacker to escalate privileges via the deletee.php component...
CVE-2024-55507
CVE-2024-55507 concerns CodeAstro Complaint Management System v1.0, where the delete_e.php component enables a remote attacker to escalate privileges. The CVSSv3.1 base score is 9.8 (CRITICAL) with network access, low attack complexity, and no user interaction required. Affected product is CodeAs...
CodeAstro Complaint Management System 安全漏洞
CodeAstro Complaint Management System is a complaint management system from CodeAstro, Inc. A security vulnerability exists in CodeAstro Complaint Management System version 1.0, which can be exploited by a remote attacker to elevate privileges with the help of the deletee.php component...
CVE-2024-55509
SQL injection vulnerability in CodeAstro Complaint Management System v.1.0 allows a remote attacker to execute arbitrary code and escalate privileges via the id parameter of the delete.php component...
CVE-2024-55509
SQL injection vulnerability in CodeAstro Complaint Management System v.1.0 allows a remote attacker to execute arbitrary code and escalate privileges via the id parameter of the delete.php component...
CodeAstro Complaint Management System 安全漏洞
CodeAstro Complaint Management System is a complaint management system from CodeAstro. A security vulnerability exists in CodeAstro Complaint Management System version 1.0, which stems from a SQL injection vulnerability that allows remote attackers to execute arbitrary code and elevate privileges...
CVE-2024-55509
SQL injection vulnerability in CodeAstro Complaint Management System v.1.0 allows a remote attacker to execute arbitrary code and escalate privileges via the id parameter of the delete.php component...
CVE-2024-55509
The CVE-2024-55509 issue affects CodeAstro Complaint Management System v1.0. A SQL injection in the delete.php component (via the id parameter) allows a remote attacker to execute arbitrary code and escalate privileges. The primary impact described across sources is high/remote-execution with pot...