19 matches found
EUVD-2023-50683
Malicious code in bioql PyPI...
CVE-2023-46468
An issue in juzawebCMS v.3.4 and before allows a remote attacker to execute arbitrary code via a crafted file to the custom plugin function...
CVE-2023-46467
Cross Site Scripting vulnerability in juzawebCMS v.3.4 and before allows a remote attacker to execute arbitrary code via a crafted payload to the username parameter of the registration page...
GHSA-93P6-9CXV-5RPQ juzawebCMS Incorrect Access Control vulnerability
juzaweb = 3.4 is vulnerable to Incorrect Access Control, resulting in an application outage after a 500 HTTP status code. The payload in the timezone field was not correctly validated...
juzawebCMS Incorrect Access Control vulnerability
juzaweb = 3.4 is vulnerable to Incorrect Access Control, resulting in an application outage after a 500 HTTP status code. The payload in the timezone field was not correctly validated...
GHSA-H92M-4G9M-72VR juzawebCMS Injection vulnerability
An issue in juzawebCMS v.3.4 and before allows a remote attacker to execute arbitrary code via a crafted file to the custom plugin function...
CVE-2023-46467
Cross Site Scripting vulnerability in juzawebCMS v.3.4 and before allows a remote attacker to execute arbitrary code via a crafted payload to the username parameter of the registration page...
CVE-2023-46467
Cross Site Scripting vulnerability in juzawebCMS v.3.4 and before allows a remote attacker to execute arbitrary code via a crafted payload to the username parameter of the registration page...
CVE-2023-46468
An issue in juzawebCMS v.3.4 and before allows a remote attacker to execute arbitrary code via a crafted file to the custom plugin function...
CVE-2023-46468
An issue in juzawebCMS v.3.4 and before allows a remote attacker to execute arbitrary code via a crafted file to the custom plugin function...
CVE-2023-46468
An issue in juzawebCMS v.3.4 and before allows a remote attacker to execute arbitrary code via a crafted file to the custom plugin function...
Cross site scripting
Cross Site Scripting vulnerability in juzawebCMS v.3.4 and before allows a remote attacker to execute arbitrary code via a crafted payload to the username parameter of the registration page...
CVE-2023-46467
Cross Site Scripting vulnerability in juzawebCMS v.3.4 and before allows a remote attacker to execute arbitrary code via a crafted payload to the username parameter of the registration page...
CVE-2023-46468
Summary: CVE-2023-46468 affects juzawebCMS ≤ 3.4, where a crafted file to the custom plugin function can lead to remote code execution. The issue is described consistently across sources (Red Hat, GHSA, OSV, NVD, CVE List, CNNVD, etc.). The vulnerability originates from processing crafted input v...
CVE-2023-46467
CVE-2023-46467 affects juzawebCMS versions 3.4 and earlier. The vulnerability is a Cross-Site Scripting flaw that allows a remote attacker to execute arbitrary code via a crafted payload to the username parameter on the registration page. Root cause details are not explicitly provided beyond the ...
CVE-2023-46467
Cross Site Scripting vulnerability in juzawebCMS v.3.4 and before allows a remote attacker to execute arbitrary code via a crafted payload to the username parameter of the registration page...
CVE-2023-46468
An issue in juzawebCMS v.3.4 and before allows a remote attacker to execute arbitrary code via a crafted file to the custom plugin function...
PT-2023-30037 · Unknown · Juzawebcms
Name of the Vulnerable Software and Affected Versions: juzawebCMS versions 3.4 and earlier Description: An issue in the software allows a remote attacker to execute arbitrary code via a crafted file to the custom plugin function. This enables the attacker to potentially gain control over the...
PT-2023-30036 · Unknown · Juzawebcms
Name of the Vulnerable Software and Affected Versions: juzawebCMS versions 3.4 and earlier Description: The issue allows a remote attacker to execute arbitrary code via a crafted payload to the username parameter of the registration page. This is a Cross Site Scripting vulnerability...