EUVD-2023-31073

Malicious code in bioql PyPI...

EUVD-2022-46064

Malicious code in bioql PyPI...

EUVD-2022-46065

Malicious code in bioql PyPI...

EUVD-2023-31070

Malicious code in bioql PyPI...

CVE-2023-26847

A stored cross-site scripting XSS vulnerability in OpenCATS v0.9.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the state parameter at opencats/index.php?m=candidates...

CVE-2023-26845

A Cross-Site Request Forgery CSRF in OpenCATS 0.9.7 allows attackers to force users into submitting web requests via unspecified vectors...

CVE-2023-27295

Cross-site request forgery is facilitated by OpenCATS failure to require CSRF tokens in POST requests. An attacker can exploit this issue by creating a dummy page that executes Javascript in an authenticated user's session when visited...

CVE-2023-27292

An open redirect vulnerability exposes OpenCATS to template injection due to improper validation of user-supplied GET parameters...

CVE-2023-26846

A stored cross-site scripting XSS vulnerability in OpenCATS v0.9.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the city parameter at opencats/index.php?m=candidates...

CVE-2022-48013

Opencats v0.9.7 was discovered to contain a stored cross-site scripting XSS vulnerability in the component /opencats/index.php?m=calendar. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Description or Title text fields...

CVE-2022-48012

Opencats v0.9.7 was discovered to contain a reflected cross-site scripting XSS vulnerability via the component /opencats/index.php?m=settings=ajaxtagsupd...

CVE-2022-48011

Opencats v0.9.7 was discovered to contain a SQL injection vulnerability via the importID parameter in the Import viewerrors function...

CVE-2022-43019

OpenCATS v0.9.6 was discovered to contain a remote code execution RCE vulnerability via the getDataGridPager's ajax functionality...

CVE-2022-43020

OpenCATS v0.9.6 was discovered to contain a SQL injection vulnerability via the tagid variable in the Tag update function...

CVE-2022-43015

OpenCATS v0.9.6 was discovered to contain a reflected cross-site scripting XSS vulnerability via the entriesPerPage parameter...

CVE-2022-43017

OpenCATS v0.9.6 was discovered to contain a reflected cross-site scripting XSS vulnerability via the indexFile component...

CVE-2022-43022

OpenCATS v0.9.6 was discovered to contain a SQL injection vulnerability via the tagid variable in the Tag deletion function...

CVE-2022-43016

OpenCATS v0.9.6 was discovered to contain a reflected cross-site scripting XSS vulnerability via the callback component...

CVE-2022-43023

OpenCATS v0.9.6 was discovered to contain a SQL injection vulnerability via the importID parameter in the Import viewerrors function...

CVE-2022-43014

OpenCATS v0.9.6 was discovered to contain a reflected cross-site scripting XSS vulnerability via the joborderID parameter...