28 matches found
pearweb SQL注入漏洞
PearWeb is a PHP extension and application repository developed by PEAR. Versions of PearWeb prior to 1.33.0 contained a SQL injection vulnerability. This vulnerability occurred due to the use of the user::maintains function, which provided role filters as arrays and inserted IN clauses,...
pearweb 安全漏洞
PearWeb is a PHP extension and application repository developed by PEAR. Versions of PearWeb prior to 1.33.0 contained a security vulnerability. This vulnerability stemmed from the use of the pregReplace function with the / modifier in incorrectly updated email processing, potentially allowing PH...
pearweb SQL注入漏洞
PearWeb is a PHP extension and application repository developed by PEAR. Versions of PearWeb prior to 1.33.0 contained a SQL injection vulnerability. This vulnerability stemmed from unsafe literal substitutions in cause-and-effect queries involving IN lists, posing a risk of SQL injection...
pearweb 安全漏洞
PearWeb is a PHP extension and application repository developed by PEAR. Versions of PearWeb prior to 1.33.0 contained a security vulnerability. This vulnerability stemmed from logical errors in the route diagram role check, which could allow non-maintainers to create, update, or delete route...
pearweb SQL注入漏洞
PearWeb is a PHP extension and application repository developed by PEAR. Versions of PearWeb prior to 1.33.0 contained a SQL injection vulnerability. This vulnerability stemmed from the category deletion process, where an SQL injection could be exploited by attackers through the use of category I...
pearweb 安全漏洞
PearWeb is a PHP extension and application repository developed by PEAR. Versions prior to pearweb1.33.0 contained security vulnerabilities. These vulnerabilities stemmed from predictable verification hashing, which could allow attackers to guess verification tokens and potentially unauthorized...
pearweb SQL注入漏洞
PearWeb is a PHP extension and application repository developed by PEAR. Versions of PearWeb prior to 1.33.0 contained a SQL injection vulnerability. This vulnerability stemmed from incorrect subscription deletion operations, which allowed attackers to inject SQL commands through specially crafte...
pearweb SQL注入漏洞
PearWeb is a PHP extension and application repository developed by PEAR. Versions of PearWeb prior to 1.33.0 contained a SQL injection vulnerability. This vulnerability originated from the APDOC queue, where there was an SQL injection vulnerability that could allow attackers to manipulate the nam...
pearweb SQL注入漏洞
PearWeb is a PHP extension and application repository developed by PEAR. Versions of PearWeb prior to 1.33.0 contained a SQL injection vulnerability. This vulnerability stems from the /get// endpoint, where there is an unauthenticated SQL injection vulnerability that could allow remote attackers ...
CVE-2022-27158
pearweb 1.32 suffers from Deserialization of Untrusted Data...
CVE-2022-27157
pearweb 1.32 is suffers from a Weak Password Recovery Mechanism via include/users/passwordmanage.php...
EUVD-2022-31695
Malicious code in bioql PyPI...
EUVD-2022-31694
Malicious code in bioql PyPI...
pearweb authorization issue vulnerability
pearweb is a PHP extension and application repository. pearweb has a security vulnerability that stems from a weak password recovery mechanism in include/users/passwordmanage.php, and no details of the vulnerability are currently available...
CVE-2022-27157
pearweb 1.32 is suffers from a Weak Password Recovery Mechanism via include/users/passwordmanage.php...
CVE-2022-27158
pearweb 1.32 suffers from Deserialization of Untrusted Data...
CVE-2022-27157
pearweb 1.32 is suffers from a Weak Password Recovery Mechanism via include/users/passwordmanage.php...
CVE-2022-27158
pearweb 1.32 suffers from Deserialization of Untrusted Data...
CVE-2022-27157
pearweb 1.32 is suffers from a Weak Password Recovery Mechanism via include/users/passwordmanage.php...
CVE-2022-27158
pearweb 1.32 suffers from Deserialization of Untrusted Data...