292 matches found
EUVD-2024-45384
Malicious code in bioql PyPI...
EUVD-2023-43115
Malicious code in bioql PyPI...
EUVD-2025-10350
Malicious code in bioql PyPI...
EUVD-2025-12220
Malicious code in bioql PyPI...
EUVD-2022-51055
Malicious code in bioql PyPI...
EUVD-2024-2554
Malicious code in bioql PyPI...
EUVD-2023-38264
Malicious code in bioql PyPI...
EUVD-2024-50570
Malicious code in bioql PyPI...
EUVD-2023-43122
Malicious code in bioql PyPI...
EUVD-2023-43129
Malicious code in bioql PyPI...
EUVD-2023-43839
Malicious code in bioql PyPI...
Tenda CH22 安全漏洞
Tenda CH22 is an enterprise-grade wireless router from Tenda brand. Tenda CH22 suffers from a buffer overflow vulnerability, which originates from the parameter cmdinput in the file /goform/exeCommand that fails to correctly validate the length and size of the input data, which can be exploited b...
CVE-2025-9706
A security vulnerability has been detected in SourceCodester Water Billing System 1.0. Affected by this vulnerability is an unknown functionality of the file /edit.php. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit has been disclosed...
Apache Commons OGNL Arbitrary Code Execution Vulnerability
Apache Commons OGNL is a Java library from the American Apache Apache Foundation. A security vulnerability exists in Apache Commons OGNL Ognl.getValue, which originates from incorrectly filtering input parameters, and can be exploited by a remote attacker to submit a special request, which can be...
Linux Distros Unpatched Vulnerability : CVE-2024-46292
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A buffer overflow in modsecurity v3.0.12 allows attackers to cause a Denial of Service DoS via a crafted input inserted into the name parameter. NOTE: this is...
PT-2025-31537 · Undefined · Undefined
A command injection vulnerability exists in GestioIP 3.0 commit ac67be and earlier in ip checkhost.cgi. Crafted input to the 'ip' parameter allows attackers to execute arbitrary shell commands on the server via embedded base64-encoded payloads. Authentication may be required depending on deployme...
CVE-2025-53713 TP-Link TL-WR841N WlanNetworkRpm_APC.htm buffer overflow
A vulnerability has been found in TP-Link TL-WR841N V11. The vulnerability exists in the /userRpm/WlanNetworkRpmAPC.htm file due to missing input parameter validation, which may lead to the buffer overflow to cause a crash of the web service and result in a denial-of-service DoS condition. The...
CVE-2025-36846
An issue was discovered in Eveo URVE Web Manager 27.02.2025. The application exposes a /internal/pc/vpro.php localhost endpoint to unauthenticated users that is vulnerable to OS Command Injection. The endpoint takes an input parameter that is passed directly into the shellexec function of PHP...
Translated Lara Translate MCP Server 命令注入漏洞
Translated Lara Translate MCP Server is a Translated open source application. A command injection vulnerability exists in Translated Lara Translate MCP Server version 0.0.11 and earlier, which stems from insufficient cleanup of input parameters and could lead to a command injection attack...
PT-2025-30140 · Unknown · Church Donation System
Name of the Vulnerable Software and Affected Versions: Church Donation System version 1.0 Description: A vulnerability exists in the Church Donation System software. The issue affects an unknown functionality within the /reg.php file. Manipulation of the mobile argument can lead to a SQL injectio...