34 matches found
EUVD-2025-12438
Malicious code in bioql PyPI...
EUVD-2025-12436
Malicious code in bioql PyPI...
EUVD-2025-12409
Malicious code in bioql PyPI...
EUVD-2025-11938
Malicious code in bioql PyPI...
CVE-2025-3997
A vulnerability classified as problematic has been found in dazhouda lecms 3.0.3. This affects an unknown part of the file /index.php?my-profile-ajax-1 of the component Personal Information Page. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely...
CVE-2025-3979
A vulnerability classified as problematic has been found in dazhouda lecms 3.0.3. This affects an unknown part of the file /index.php?my-password-ajax-1 of the component Password Change Handler. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely...
CVE-2025-3978
A vulnerability was found in dazhouda lecms 3.0.3. It has been rated as problematic. Affected by this issue is some unknown functionality of the file admin/view/default/userset.htm. The manipulation leads to information disclosure. The attack may be launched remotely. The exploit has been disclos...
CVE-2025-3997
A vulnerability classified as problematic has been found in dazhouda lecms 3.0.3. This affects an unknown part of the file /index.php?my-profile-ajax-1 of the component Personal Information Page. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely...
CVE-2025-3997 dazhouda lecms Personal Information Page index.php cross-site request forgery
A vulnerability classified as problematic has been found in dazhouda lecms 3.0.3. This affects an unknown part of the file /index.php?my-profile-ajax-1 of the component Personal Information Page. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely...
CVE-2025-3997
CVE-2025-3997 affects dazhouda lecms 3.0.3. The vulnerability resides in the Personal Information Page’s endpoint, specifically the file range around /index.php?my-profile-ajax-1, where manipulation enables cross-site request forgery. Exploitation can be initiated remotely, and the public disclos...
CVE-2025-3997 dazhouda lecms Personal Information Page index.php cross-site request forgery
A vulnerability classified as problematic has been found in dazhouda lecms 3.0.3. This affects an unknown part of the file /index.php?my-profile-ajax-1 of the component Personal Information Page. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely...
Lecms 安全漏洞
Lecms is a multi-million large data bearing web content management system developed by Lecms Inc. in PHP language. A security vulnerability exists in Lecms version 3.0.3, which originates from the file /index.php?my-profile-ajax-1 can lead to cross-site request forgery...
PT-2025-18035 · Unknown · Dazhouda Lecms
Name of the Vulnerable Software and Affected Versions: dazhouda lecms version 3.0.3 Description: A vulnerability has been found in dazhouda lecms, affecting an unknown part of the file "/index.php?my-profile-ajax-1" of the component Personal Information Page. The manipulation leads to cross-site...
CVE-2025-3979
A vulnerability classified as problematic has been found in dazhouda lecms 3.0.3. This affects an unknown part of the file /index.php?my-password-ajax-1 of the component Password Change Handler. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely...
CVE-2025-3979
A vulnerability classified as problematic has been found in dazhouda lecms 3.0.3. This affects an unknown part of the file /index.php?my-password-ajax-1 of the component Password Change Handler. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely...
CVE-2025-3979 dazhouda lecms Password Change index.php cross-site request forgery
A vulnerability classified as problematic has been found in dazhouda lecms 3.0.3. This affects an unknown part of the file /index.php?my-password-ajax-1 of the component Password Change Handler. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely...
CVE-2025-3979 dazhouda lecms Password Change index.php cross-site request forgery
A vulnerability classified as problematic has been found in dazhouda lecms 3.0.3. This affects an unknown part of the file /index.php?my-password-ajax-1 of the component Password Change Handler. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely...
CVE-2025-3979
CVE-2025-3979 affects dazhouda lecms version 3.0.3, specifically the Password Change Handler and its /index.php?my-password-ajax-1 endpoint. Descriptions across sources state a cross-site request forgery vulnerability that can be initiated remotely and exploited publicly disclosed. The issue appe...
CVE-2025-3978
A vulnerability was found in dazhouda lecms 3.0.3. It has been rated as problematic. Affected by this issue is some unknown functionality of the file admin/view/default/userset.htm. The manipulation leads to information disclosure. The attack may be launched remotely. The exploit has been disclos...
CVE-2025-3978
A vulnerability was found in dazhouda lecms 3.0.3. It has been rated as problematic. Affected by this issue is some unknown functionality of the file admin/view/default/userset.htm. The manipulation leads to information disclosure. The attack may be launched remotely. The exploit has been disclos...