826 matches found
EUVD-2022-52538
Malicious code in bioql PyPI...
EUVD-2023-40875
Malicious code in bioql PyPI...
EUVD-2021-31430
Malicious code in bioql PyPI...
EUVD-2022-5470
Malicious code in bioql PyPI...
EUVD-2022-4732
Malicious code in bioql PyPI...
EUVD-2025-8741
Malicious code in bioql PyPI...
EUVD-2022-53407
Malicious code in bioql PyPI...
PT-2025-38529
Name of the Vulnerable Software and Affected Versions: 07FLYCMS, 07FLY-CMS, and 07FlyCRM versions up to 20250831. Description: A cross-site scripting (XSS) flaw exists due to the manipulation of the Name argument in an unknown part of the /index.php file. This allows for remote execution of scripts. T...
CVE-2025-55911
An issue in Clip Bucket v.5.5.2 Build90 allows a remote attacker to execute arbitrary code via filedownloader.php and the file parameter...
CVE-2025-55911
CVE-2025-55911 affects ClipBucket v5.5.2 Build#90. Multiple sources describe a vulnerability in actions/file_downloader.php where the file parameter enables a server-side request/command path that can lead to remote code execution. Exploitation could allow an authenticated user to trigger SSRF or...
CVE-2025-10479
A security flaw has been discovered in SourceCodester Online Student File Management System 1.0. The impacted element is an unknown function of the file /index.php. Performing manipulation of the argument studno results in SQL injection. The attack may be initiated remotely. The exploit has been...
fcba_zzm ics-park code issue vulnerability
fcbazzm ics-park is an intelligent park management system from fcbazzm. A code issue vulnerability exists in version 2.0 of fcbazzm ics-park, which stems from the incorrect manipulation of the parameter File in the file FileUploadUtils.java, and could lead to arbitrary file uploads...
CVE-2025-10328
CVE-2025-10328 affects MiczFlor RPi-Jukebox-RFID versions up to 2.8.0. The vulnerability stems from improper handling of the File argument in the file /htdocs/api/playlist/playsinglefile.php, enabling OS command injection. The issue can be exploited remotely and has been publicly disclosed. Mult...
CVE-2025-10273
A vulnerability was identified in erjinzhi 10OA 1.0. Affected by this vulnerability is an unknown functionality of the file /view/file.aspx. Such manipulation of the argument File leads to path traversal. The exploit is publicly available and might be used. The vendor was contacted early about th...
RPi-Jukebox-RFID OS command injection vulnerability
RPi-Jukebox-RFID is a contactless jukebox for the Raspberry Pi from the individual developer Micz Flor in Germany. It can play audio files, playlists, podcasts, web streams and Spotify, triggered by RFID cards. An OS command injection vulnerability exists in RPi-Jukebox-RFID version 2.8.0 and...
erjinzhi 10OA security vulnerability
erjinzhi 10OA is an enterprise automation system from China Binary erjinzhi. A security vulnerability exists in erjinzhi 10OA version 1.0, which stems from an incorrect manipulation of the parameter File in the file /view/file.aspx, which could lead to path traversal...
CVE-2025-10273
CVE-2025-10273 affects erjinzhi 10OA 1.0. A path traversal vulnerability exists in the /view/file.aspx handler caused by manipulation of the File argument. The exploit is publicly available; the vendor has not responded to disclosure. Several sources note no information about a fixed version or p...
CVE-2025-10273 erjinzhi 10OA file.aspx path traversal
A vulnerability was identified in erjinzhi 10OA 1.0. Affected by this vulnerability is an unknown functionality of the file /view/file.aspx. Such manipulation of the argument File leads to path traversal. The exploit is publicly available and might be used. The vendor was contacted early about th...