54 matches found
CVE-2025-66360
An issue was discovered in Logpoint before 7.7.0. An improperly configured access control policy exposes sensitive Logpoint internal service Redis information to li-admin users. This can lead to privilege escalation...
CVE-2025-66359
An issue was discovered in Logpoint before 7.7.0. Insufficient input validation and a lack of output escaping in multiple components leads to a cross-site scripting XSS vulnerability...
EUVD-2025-199837
An issue was discovered in Logpoint before 7.7.0. An improperly configured access control policy exposes sensitive Logpoint internal service Redis information to li-admin users. This can lead to privilege escalation...
EUVD-2024-26856
Malicious code in bioql PyPI...
EUVD-2024-52976
Malicious code in bioql PyPI...
EUVD-2025-22033
Malicious code in bioql PyPI...
EUVD-2022-51380
Malicious code in bioql PyPI...
EUVD-2024-52978
Malicious code in bioql PyPI...
EUVD-2022-51379
Malicious code in bioql PyPI...
EUVD-2024-52975
Malicious code in bioql PyPI...
EUVD-2025-22034
Malicious code in bioql PyPI...
CVE-2025-54317
An issue was discovered in Logpoint before 7.6.0. An attacker with operator privileges can exploit a path traversal vulnerability when creating a Layout Template, which can lead to remote code execution RCE...
CVE-2025-54316
An issue was discovered in Logpoint before 7.6.0. When creating reports, attackers can create custom Jinja templates that chained built-in filter functions to generate XSS payloads. These payloads can be rendered by the Logpoint Report Template engine, making it vulnerable to cross-site scripting...
CVE-2025-54316
An issue was discovered in Logpoint before 7.6.0. When creating reports, attackers can create custom Jinja templates that chained built-in filter functions to generate XSS payloads. These payloads can be rendered by the Logpoint Report Template engine, making it vulnerable to cross-site scripting...
CVE-2025-54317
An issue was discovered in Logpoint before 7.6.0. An attacker with operator privileges can exploit a path traversal vulnerability when creating a Layout Template, which can lead to remote code execution RCE...
CVE-2025-54316
An issue was discovered in Logpoint before 7.6.0. When creating reports, attackers can create custom Jinja templates that chained built-in filter functions to generate XSS payloads. These payloads can be rendered by the Logpoint Report Template engine, making it vulnerable to cross-site scripting...
CVE-2025-54316
An issue was discovered in Logpoint before 7.6.0. When creating reports, attackers can create custom Jinja templates that chained built-in filter functions to generate XSS payloads. These payloads can be rendered by the Logpoint Report Template engine, making it vulnerable to cross-site scripting...
CVE-2025-54317
An issue was discovered in Logpoint before 7.6.0. An attacker with operator privileges can exploit a path traversal vulnerability when creating a Layout Template, which can lead to remote code execution RCE...
Logpoint 跨站脚本漏洞
Logpoint is a network security application from Logpoint Denmark. A cross-site scripting vulnerability exists in Logpoint versions prior to 7.6.0, which stems from a failure to validate a Jinja template when creating a report, and could lead to a cross-site scripting attack...
CVE-2025-54317
An issue was discovered in Logpoint before 7.6.0. An attacker with operator privileges can exploit a path traversal vulnerability when creating a Layout Template, which can lead to remote code execution RCE...