14 matches found
EUVD-2021-31405
Malicious code in bioql PyPI...
CVE-2021-42675
Kreado Kreasfero 1.5 does not properly sanitize uploaded files to the media directory. One can upload a malicious PHP file and obtain remote code execution...
CVE-2021-42675
Kreado Kreasfero 1.5 does not properly sanitize uploaded files to the media directory. One can upload a malicious PHP file and obtain remote code execution...
CVE-2021-42675
Kreado Kreasfero 1.5 does not properly sanitize uploaded files to the media directory. One can upload a malicious PHP file and obtain remote code execution...
CVE-2021-42675
Kreado Kreasfero 1.5 does not properly sanitize uploaded files to the media directory. One can upload a malicious PHP file and obtain remote code execution...
CVE-2021-42675
Kreado Kreasfero 1.5 contains a vulnerability where uploaded files to the media directory are not properly sanitized, allowing an attacker to upload a malicious PHP file and obtain remote code execution. This CVE entry documents the impact as remote code execution with network access and no authe...
CVE-2021-42675
Kreado Kreasfero 1.5 does not properly sanitize uploaded files to the media directory. One can upload a malicious PHP file and obtain remote code execution...
Kreado Kreasfero 代码问题漏洞
Kreado Kreasfero is an open source CMS from the German company Kreado. A security vulnerability exists in Kreado Kreasfero version 1.5, which stems from an inability to properly clean up files uploaded to the media directory, and can be exploited by an attacker to upload malicious PHP files and...
CVE-2021-44581
An SQL Injection vulnerabilty exists in Kreado Kreasfero 1.5 via the id parameter...
CVE-2021-44581
An SQL Injection vulnerabilty exists in Kreado Kreasfero 1.5 via the id parameter...
Sql injection
An SQL Injection vulnerabilty exists in Kreado Kreasfero 1.5 via the id parameter...
CVE-2021-44581
CVE-2021-44581 affects Kreado Kreasfero 1.5 (an open-source CMS). The vulnerability is an SQL injection via the id parameter, with CVSS v3.1 base score 7.5 (high impact, network access, no user interaction). Connected sources confirm the root cause is improper handling of the id parameter leading...
CVE-2021-44581
An SQL Injection vulnerabilty exists in Kreado Kreasfero 1.5 via the id parameter...
Kreado Kreasfero SQL注入漏洞
Kreado Kreasfero is an open source CMS from the German company Kreado. A security vulnerability exists in Kreado Kreasfero version 1.5, which is caused by a SQL injection vulnerability in the id parameter...