EUVD-2025-23939

Malicious code in bioql PyPI...

EUVD-2025-23637

Malicious code in bioql PyPI...

CVE-2025-51629

A cross-site scripting XSS vulnerability in the PdfViewer component of Agenzia Impresa Eccobook 2.81.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Temp parameter...

CVE-2025-51629

A cross-site scripting XSS vulnerability in the PdfViewer component of Agenzia Impresa Eccobook 2.81.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Temp parameter...

CVE-2025-51628

Insecure Direct Object Reference IDOR vulnerability in PdfHandler component in Agenzia Impresa Eccobook v2.81.1 and below allows unauthenticated attackers to read confidential documents via the DocumentoId parameter...

CVE-2025-51627

Incorrect access control in CaricaVerbale in Agenzia Impresa Eccobook v2.81.1 allows authenticated attackers with low-level access to escalate privileges to Administrator...

CVE-2025-51629

CVE-2025-51629 is an XSS in the PdfViewer component of Agenzia Impresa Eccobook 2.81.1. The root cause is improper handling of the Temp parameter, allowing an attacker to inject crafted payloads that execute scripts/HTML. Affected product: Agenzia Impresa Eccobook (PdfViewer, version 2.81.1). Imp...

Agenzia Impresa EccoBook 安全漏洞

Agenzia Impresa EccoBook is a ledger software from Agenzia Impresa, Italy. A security vulnerability exists in Agenzia Impresa EccoBook version 2.81.1, which stems from the improper handling of the Temp parameter by the PdfViewer component, which could lead to a cross-site scripting attack...

CVE-2025-51629

A cross-site scripting XSS vulnerability in the PdfViewer component of Agenzia Impresa Eccobook 2.81.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Temp parameter...

CVE-2025-51629

A cross-site scripting XSS vulnerability in the PdfViewer component of Agenzia Impresa Eccobook 2.81.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Temp parameter...

PT-2025-32293 · Unknown · Agenzia Impresa Eccobook

Name of the Vulnerable Software and Affected Versions: Agenzia Impresa Eccobook version 2.81.1 Description: A cross-site scripting XSS vulnerability exists in the PdfViewer component. This allows attackers to execute arbitrary web scripts or HTML by injecting a crafted payload into the Temp...

CVE-2025-51628

Insecure Direct Object Reference IDOR vulnerability in PdfHandler component in Agenzia Impresa Eccobook v2.81.1 and below allows unauthenticated attackers to read confidential documents via the DocumentoId parameter...

CVE-2025-51627

Incorrect access control in CaricaVerbale in Agenzia Impresa Eccobook v2.81.1 allows authenticated attackers with low-level access to escalate privileges to Administrator...

CVE-2025-51628

The CVE-2025-51628 vulnerability affects the PdfHandler component in Agenzia Impresa Eccobook versions up to 2.81.1 (and prior to 2.81.2). It is an insecure direct object reference (IDOR) that allows unauthenticated attackers to read confidential documents by supplying a DocumentoId parameter. Th...

Agenzia Impresa Eccobook 安全漏洞

Agenzia Impresa EccoBook is a ledger software from Agenzia Impresa, Italy. A security vulnerability exists in Agenzia Impresa Eccobook version v2.81.1, which stems from improper access control in CaricaVerbale, and may result in elevated privileges...

PT-2025-31953 · Unknown · Agenzia Impresa Eccobook

Name of the Vulnerable Software and Affected Versions: Agenzia Impresa Eccobook versions 2.81.1 Description: An incorrect access control issue exists in CaricaVerbale within Agenzia Impresa Eccobook. Authenticated attackers with low-level access can escalate privileges to Administrator...

CVE-2025-51628

Insecure Direct Object Reference IDOR vulnerability in PdfHandler component in Agenzia Impresa Eccobook v2.81.1 and below allows unauthenticated attackers to read confidential documents via the DocumentoId parameter...

CVE-2025-51627

Incorrect access control in CaricaVerbale in Agenzia Impresa Eccobook v2.81.1 allows authenticated attackers with low-level access to escalate privileges to Administrator...

Agenzia Impresa EccoBook 安全漏洞

Agenzia Impresa EccoBook is a ledger software from Agenzia Impresa, Italy. A security vulnerability exists in Agenzia Impresa Eccobook v2.81.1 and earlier versions, which stems from an insecure direct object reference in the PdfHandler component that could lead to the reading of confidential...