1284 matches found
EUVD-2024-48072
Malicious code in bioql PyPI...
EUVD-2025-30751
Malicious code in bioql PyPI...
EUVD-2022-4441
Malicious code in bioql PyPI...
EUVD-2023-34004
Malicious code in bioql PyPI...
EUVD-2023-44425
Malicious code in bioql PyPI...
CVE-2025-10287 roncoo roncoo-pay orderQuery direct request
A vulnerability has been found in roncoo roncoo-pay up to 9428382af21cd5568319eae7429b7e1d0332ff40. The affected element is an unknown function of the file /auth/orderQuery. Such manipulation of the argument orderNo leads to direct request. The attack may be performed from remote. A high complexi...
CVE-2025-10287 roncoo roncoo-pay orderQuery direct request
A vulnerability has been found in roncoo roncoo-pay up to 9428382af21cd5568319eae7429b7e1d0332ff40. The affected element is an unknown function of the file /auth/orderQuery. Such manipulation of the argument orderNo leads to direct request. The attack may be performed from remote. A high complexi...
roncoo-pay 安全漏洞
roncoo-pay roncoo payment system is an Internet payment system open-sourced by Lead Class Network RonCoo. A security vulnerability exists in roncoo-pay, which stems from a misuse of the parameter orderNo in the file /auth/orderQuery, which could lead to a direct request attack...
Unspecified Vulnerability in Automated Voting System
Automated Voting System is an automated voting system. Automated Voting System suffers from an unspecified vulnerability that stems from susceptibility to direct request attacks. No details of the vulnerability are available at this time...
CVE-2025-6352
A vulnerability classified as problematic has been found in code-projects Automated Voting System 1.0. Affected is an unknown function of the file /vote.php of the component Backend. The manipulation leads to direct request. It is possible to launch the attack remotely. The exploit has been...
CVE-2025-6352 code-projects Automated Voting System Backend vote.php direct request
A vulnerability classified as problematic has been found in code-projects Automated Voting System 1.0. Affected is an unknown function of the file /vote.php of the component Backend. The manipulation leads to direct request. It is possible to launch the attack remotely. The exploit has been...
CVE-2025-6352
CVE-2025-6352 affects code-projects Automated Voting System 1.0, Backend vote.php. The vulnerability involves an unknown function in /vote.php enabling direct request manipulation that can be triggered remotely, with exploitation disclosed publicly. Multiple connected sources corroborate a remote...
CVE-2025-6352 code-projects Automated Voting System Backend vote.php direct request
A vulnerability classified as problematic has been found in code-projects Automated Voting System 1.0. Affected is an unknown function of the file /vote.php of the component Backend. The manipulation leads to direct request. It is possible to launch the attack remotely. The exploit has been...
code-projects Automated Voting System 安全漏洞
Automated Voting System is an automated voting system. Automated Voting System suffers from an unspecified vulnerability that stems from susceptibility to direct request attacks. No details of the vulnerability are available at this time...
CVE-2024-7080
A vulnerability was found in SourceCodester Insurance Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /E-Insurance/. The manipulation leads to direct request. The attack can be launched remotely. The exploit has be...
CVE-2023-5786
A vulnerability was found in GeoServer GeoWebCache up to 1.15.1. It has been declared as problematic. This vulnerability affects unknown code of the file /geoserver/gwc/rest.html. The manipulation leads to direct request. The attack can be initiated remotely. The exploit has been disclosed to the...
CVE-2023-5702
A vulnerability was found in Viessmann Vitogate 300 up to 2.1.3.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /cgi-bin/. The manipulation leads to direct request. The exploit has been disclosed to the public and may be used. The identifier of th...
CVE-2013-4097
ServerAdmin/TestDRConnection.jsp in DS3 Authentication Server allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in a -REG-E-OPEN error message...
CVE-2011-3697
Achievo 1.4.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/graph/jpgraph/jpgraphradar.php and certain other files...
CVE-2018-7209
An issue was discovered in iDashboards 9.6b. It allows remote attackers to obtain sensitive information via a direct request for the idashboards/config.xml URI, as demonstrated by intranet URLs for reports...