CVE-2025-1083

A vulnerability classified as problematic was found in Mindskip xzs-mysql 学之思开源考试系统 3.9.0. Affected by this vulnerability is an unknown functionality of the component CORS Handler. The manipulation leads to permissive cross-domain policy with untrusted domains. The attack can be launched remotely...

CVE-2025-1082

A vulnerability classified as problematic has been found in Mindskip xzs-mysql 学之思开源考试系统 3.9.0. Affected is an unknown function of the file /api/admin/question/edit of the component Exam Edit Handler. The manipulation of the argument title/content leads to cross site scripting. It is possible to...

EUVD-2025-1995

Malicious code in bioql PyPI...

EUVD-2025-1994

Malicious code in bioql PyPI...

EUVD-2025-1996

Malicious code in bioql PyPI...

CVE-2025-1084

A vulnerability, which was classified as problematic, has been found in Mindskip xzs-mysql 学之思开源考试系统 3.9.0. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public...

CVE-2025-1084

A vulnerability, which was classified as problematic, has been found in Mindskip xzs-mysql 学之思开源考试系统 3.9.0. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public...

Mindskip xzs-mysql 安全漏洞

Mindskip xzs-mysql is a java + vue front-end and back-end separated exam system from Wuhan Mindskip Technology Mindskip company in China. The main advantages are simple and fast development and deployment, friendly interface design and clear code structure. Support web end and wechat small progra...

CVE-2025-1084 Mindskip xzs-mysql 学之思开源考试系统 cross-site request forgery

A vulnerability, which was classified as problematic, has been found in Mindskip xzs-mysql 学之思开源考试系统 3.9.0. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public...

CVE-2025-1084 Mindskip xzs-mysql 学之思开源考试系统 cross-site request forgery

A vulnerability, which was classified as problematic, has been found in Mindskip xzs-mysql 学之思开源考试系统 3.9.0. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public...

CVE-2025-1084

The CVE-2025-1084 entry concerns Mindskip xzs-mysql 学之思开源考试系统 3.9.0 with a cross-site request forgery (CSRF) vulnerability. Affected component/functionality is not specified beyond “some unknown functionality,” but the issue is exploitable remotely and affects multiple endpoints. The exploit has ...

CVE-2025-1083

A vulnerability classified as problematic was found in Mindskip xzs-mysql 学之思开源考试系统 3.9.0. Affected by this vulnerability is an unknown functionality of the component CORS Handler. The manipulation leads to permissive cross-domain policy with untrusted domains. The attack can be launched remotely...

CVE-2025-1082

A vulnerability classified as problematic has been found in Mindskip xzs-mysql 学之思开源考试系统 3.9.0. Affected is an unknown function of the file /api/admin/question/edit of the component Exam Edit Handler. The manipulation of the argument title/content leads to cross site scripting. It is possible to...

CVE-2025-1082

A vulnerability classified as problematic has been found in Mindskip xzs-mysql 学之思开源考试系统 3.9.0. Affected is an unknown function of the file /api/admin/question/edit of the component Exam Edit Handler. The manipulation of the argument title/content leads to cross site scripting. It is possible to...

CVE-2025-1083

Mindskip xzs-mysql 学之思开源考试系统 3.9.0 is affected via the CORS Handler, causing a permissive cross-domain policy with untrusted domains. Impacted component allows remote access with high attack complexity and exploitation described as difficult, with public disclosure. Several connected sources corr...

CVE-2025-1083 Mindskip xzs-mysql 学之思开源考试系统 CORS cross-domain policy

A vulnerability classified as problematic was found in Mindskip xzs-mysql 学之思开源考试系统 3.9.0. Affected by this vulnerability is an unknown functionality of the component CORS Handler. The manipulation leads to permissive cross-domain policy with untrusted domains. The attack can be launched remotely...

CVE-2025-1083 Mindskip xzs-mysql 学之思开源考试系统 CORS cross-domain policy

A vulnerability classified as problematic was found in Mindskip xzs-mysql 学之思开源考试系统 3.9.0. Affected by this vulnerability is an unknown functionality of the component CORS Handler. The manipulation leads to permissive cross-domain policy with untrusted domains. The attack can be launched remotely...

CVE-2025-1082 Mindskip xzs-mysql 学之思开源考试系统 Exam Edit edit cross site scripting

A vulnerability classified as problematic has been found in Mindskip xzs-mysql 学之思开源考试系统 3.9.0. Affected is an unknown function of the file /api/admin/question/edit of the component Exam Edit Handler. The manipulation of the argument title/content leads to cross site scripting. It is possible to...

CVE-2025-1082 Mindskip xzs-mysql 学之思开源考试系统 Exam Edit edit cross site scripting

A vulnerability classified as problematic has been found in Mindskip xzs-mysql 学之思开源考试系统 3.9.0. Affected is an unknown function of the file /api/admin/question/edit of the component Exam Edit Handler. The manipulation of the argument title/content leads to cross site scripting. It is possible to...

CVE-2025-1082

Mindskip xzs-mysql (3.9.0) has a Cross-Site Scripting (XSS) vulnerability in the Exam Edit Handler, specifically in /api/admin/question/edit. The issue arises from manipulating the title/content parameters of that API, allowing remote attackers to inject script. Public exploit information exists ...