EUVD-2024-16345

Malicious code in bioql PyPI...

CVE-2025-3572

SmartRobot from INTUMIT has a Server-Side Request Forgery vulnerability, allowing unauthenticated remote attackers to probe internal network and even access arbitrary local files on the server...

CVE-2025-3572 INTUMIT SmartRobot - Server-Side Request Forgery

SmartRobot from INTUMIT has a Server-Side Request Forgery vulnerability, allowing unauthenticated remote attackers to probe internal network and even access arbitrary local files on the server...

CVE-2025-3572

CVE-2025-3572 concerns a Server-Side Request Forgery in INTUMIT’s SmartRobot. The issue allows unauthenticated remote attackers to probe internal networks and access arbitrary local files on the server via SSRF in the affected SmartRobot component. Public listings consistently describe the vulner...

CVE-2025-3572 INTUMIT SmartRobot - Server-Side Request Forgery

SmartRobot from INTUMIT has a Server-Side Request Forgery vulnerability, allowing unauthenticated remote attackers to probe internal network and even access arbitrary local files on the server...

Intumit SmartRobot 代码问题漏洞

Intumit SmartRobot is a web development framework from Intumit, Inc. A code issue vulnerability exists in Intumit SmartRobot that stems from vulnerability to server-side request forgery attacks...

CVE-2024-12652 Intumit SmartRobot′s Conversational AI Platform - Improper Control of Generation of Code ('Code Injection')

A Improper Control of Generation of Code 'Code Injection' vulnerability in groovy script function in SmartRobot′s Conversational AI Platform before v7.2.0 allows remote authenticated users to perform arbitrary system commands via Groovy code...

CVE-2024-12652

CVE-2024-12652 affects Intumit SmartRobot’s Conversational AI Platform. A vulnerability in the groovy script function prior to v7.2.0 enables remote authenticated users to execute arbitrary system commands via Groovy code (Code Injection). This can impact availability, confidentiality, and integr...

Intumit SmartRobot Conversational AI Platform 安全漏洞

Intumit SmartRobot Conversational AI Platform is a conversational AI platform from Intumit. A security vulnerability previously existed in Intumit SmartRobot Conversational AI Platform version v7.2.0, which stemmed from an improper code generation control issue in Groovy script functions. An...

CVE-2024-8776

SmartRobot from INTUMIT does not properly validate a specific page parameter, allowing unautheticated remote attackers to inject JavaScript code to the parameter for Reflected Cross-site Scripting attacks...

CVE-2024-8776

SmartRobot from INTUMIT does not properly validate a specific page parameter, allowing unautheticated remote attackers to inject JavaScript code to the parameter for Reflected Cross-site Scripting attacks...

CVE-2024-8776 INTUMIT SmartRobot - Cross-site Scripting

SmartRobot from INTUMIT does not properly validate a specific page parameter, allowing unautheticated remote attackers to inject JavaScript code to the parameter for Reflected Cross-site Scripting attacks...

CVE-2024-8776

CVE-2024-8776 affects Intumit SmartRobot. Root cause: insufficient validation of a page parameter enables unauthenticated remote attackers to perform reflected Cross-Site Scripting by injecting JavaScript into the parameter. Impact per sources: potential JavaScript execution in responses; CVSS 3....

CVE-2024-8776 INTUMIT SmartRobot - Cross-site Scripting

SmartRobot from INTUMIT does not properly validate a specific page parameter, allowing unautheticated remote attackers to inject JavaScript code to the parameter for Reflected Cross-site Scripting attacks...

Intumit SmartRobot 跨站脚本漏洞

Intumit SmartRobot is a web development framework from Intumit, Inc. A cross-site scripting vulnerability exists in Intumit SmartRobot versions prior to v7.1.0 that stems from failure to properly validate a specific page parameter, which could allow an unauthenticated, remote attacker to inject...

CVE-2024-2413

Intumit SmartRobot uses a fixed encryption key for authentication. Remote attackers can use this key to encrypt a string composed of the user's name and timestamp to generate an authentication code. With this authentication code, they can obtain administrator privileges and subsequently execute...

CVE-2024-2413

Intumit SmartRobot uses a fixed encryption key for authentication. Remote attackers can use this key to encrypt a string composed of the user's name and timestamp to generate an authentication code. With this authentication code, they can obtain administrator privileges and subsequently execute...

CVE-2024-2413 Intumit SmartRobot - Use of Hard-coded Cryptographic Key

Intumit SmartRobot uses a fixed encryption key for authentication. Remote attackers can use this key to encrypt a string composed of the user's name and timestamp to generate an authentication code. With this authentication code, they can obtain administrator privileges and subsequently execute...

CVE-2024-2413

CVE-2024-2413 affects Intumit SmartRobot, which uses a fixed cryptographic key for authentication. This allows remote attackers to craft an authentication code by encrypting a string of the user’s name and a timestamp, enabling administrator privileges and potential arbitrary code execution on th...

CVE-2024-2413 Intumit SmartRobot - Use of Hard-coded Cryptographic Key

Intumit SmartRobot uses a fixed encryption key for authentication. Remote attackers can use this key to encrypt a string composed of the user's name and timestamp to generate an authentication code. With this authentication code, they can obtain administrator privileges and subsequently execute...