405 matches found
CVE-2025-13179
A CSRF (cross-site request forgery) vulnerability affects the Bdtask/CodeCanyon Wholesale Inventory Control and Inventory Management System up to version 20250320. The issue enables remote manipulation, with user interaction required for exploitation, and is described across multiple sources ...
CVE-2025-13178
A flaw has been found in Bdtask/CodeCanyon SalesERP up to 20250728. This vulnerability affects unknown code of the file /editprofile of the component User Profile Handler. This manipulation of the argument firstname/lastname causes basic cross site scripting. The attack is possible to be carried...
CVE-2025-13177
A vulnerability was detected in Bdtask/CodeCanyon SalesERP up to 20250728. This affects an unknown part. The manipulation results in cross-site request forgery. The attack can be executed remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but...
CVE-2025-13178 Bdtask/CodeCanyon SalesERP User Profile edit_profile cross site scripting
A flaw has been found in Bdtask/CodeCanyon SalesERP up to 20250728. This vulnerability affects unknown code of the file /editprofile of the component User Profile Handler. This manipulation of the argument firstname/lastname causes basic cross site scripting. The attack is possible to be carried...
CVE-2025-13177 Bdtask/CodeCanyon SalesERP cross-site request forgery
A vulnerability was detected in Bdtask/CodeCanyon SalesERP up to 20250728. This affects an unknown part. The manipulation results in cross-site request forgery. The attack can be executed remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but...
PT-2025-46997
Name of the Vulnerable Software and Affected Versions: Bdtask/CodeCanyon SalesERP versions up to 20250728. Description: A cross-site request forgery condition exists in Bdtask/CodeCanyon SalesERP. The issue affects an unspecified component and allows for remote manipulation. The exploit is publicly...
PT-2025-46998
Name of the Vulnerable Software and Affected Versions: Bdtask/CodeCanyon SalesERP versions up to 20250728. Description: A security issue exists in Bdtask/CodeCanyon SalesERP. The issue is related to the User Profile Handler component and specifically affects code within the /edit profile file...
PT-2025-47011
Name of the Vulnerable Software and Affected Versions: Bdtask/CodeCanyon Isshue Multi Store eCommerce Shopping Cart Solution versions prior to 4.1. Description: A flaw exists in Bdtask/CodeCanyon Isshue Multi Store eCommerce Shopping Cart Solution. Manipulation of the Search argument in an unknown...
PT-2025-47001
Name of the Vulnerable Software and Affected Versions: Bdtask/CodeCanyon Wholesale Inventory Control and Inventory Management System versions up to 20250320. Description: A cross-site request forgery issue exists in Bdtask/CodeCanyon Wholesale Inventory Control and Inventory Management System. The...
CVE-2025-11304
A flaw has been found in CodeCanyon/ui-lib Mentor LMS up to 1.1.1. Affected by this vulnerability is an unknown functionality of the component API. Executing manipulation can lead to permissive cross-domain policy with untrusted domains. The attack may be launched remotely. The exploit has been...
CVE-2025-11304 CodeCanyon/ui-lib Mentor LMS API cross-domain policy
A flaw has been found in CodeCanyon/ui-lib Mentor LMS up to 1.1.1. Affected by this vulnerability is an unknown functionality of the component API. Executing manipulation can lead to permissive cross-domain policy with untrusted domains. The attack may be launched remotely. The exploit has been...
EUVD-2025-32470
A flaw has been found in CodeCanyon/ui-lib Mentor LMS up to 1.1.1. Affected by this vulnerability is an unknown functionality of the component API. Executing manipulation can lead to permissive cross-domain policy with untrusted domains. The attack may be launched remotely. The exploit has been...
CodeCanyon Mentor LMS security vulnerability
CodeCanyon Mentor LMS is a learning management system from CodeCanyon. A security vulnerability exists in CodeCanyon Mentor LMS version 1.1.1 and earlier, which stems from the presence of unknown functionality in the API component that could lead to overly lax cross-domain policies...
PT-2025-40820
Name of the Vulnerable Software and Affected Versions: CodeCanyon/ui-lib Mentor LMS versions up to 1.1.1. Description: A flaw exists in the component API of CodeCanyon/ui-lib Mentor LMS. This issue can lead to a permissive cross-domain policy with untrusted domains, allowing for remote attacks. The...
EUVD-2024-49675
Malicious code in bioql PyPI...
EUVD-2024-49502
Malicious code in bioql PyPI...
EUVD-2025-22018
Malicious code in bioql PyPI...
EUVD-2024-16338
Malicious code in bioql PyPI...