EUVD-2022-4304

Malicious code in bioql PyPI...

litemall 路径遍历漏洞

litemall is a small mall system for linlinjava individual developers. A path traversal vulnerability exists in litemall 1.8.0 and earlier versions, which stems from improper handling of the parameter key in the file /admin/storage/delete, which could lead to a path traversal attack...

Weitong Mall 注入漏洞

Weitong Mall Weitong Mall is a shopping mall system by fuyanglipengjun, an individual developer. Weitong Mall injection vulnerability exists, the vulnerability stems from the wrong operation of the parameter key in the file platform-admin/src/main/java/com/platform/controller/SysLogController.jav...

PT-2024-36018 · Winnmp · Winnmp

Name of the Vulnerable Software and Affected Versions: WinNMP version 19.02 Description: A vulnerability has been discovered that allows for an XSS attack via the /tools/redis.php page, specifically in the k, hash, key, and p parameters. This could enable a remote user to submit a specially craft...

EasyImages Path Traversal Vulnerability

EasyImages is a thin wrapper on PIL by Jakub Cieslik individual developer. It is used for exploring, visualizing and sharing images. A path traversal vulnerability exists in icret EasyImages version 2.8.3, which stems from unknown code in app/hide.php that causes path traversal via the parameter...

piWallet SQL注入漏洞

piWallet is a popular secure open source online torrents wallet for jfm individual developers. piWallet suffers from a SQL injection vulnerability that stems from incorrect manipulation of the parameter key resulting in sql injection...

CVE-2022-35526

WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 login.cgi has no filtering on parameter key, which leads to command injection in page /login.shtml...