32 matches found
EUVD-2025-31152
Malicious code in bioql PyPI...
EUVD-2025-31153
Malicious code in bioql PyPI...
EUVD-2025-31142
Malicious code in bioql PyPI...
CVE-2025-29155
An issue in petstore v.1.0.7 allows a remote attacker to execute arbitrary code via the DELETE endpoint...
CVE-2025-29156
Cross Site Scripting vulnerability in petstore v.1.0.7 allows a remote attacker to execute arbitrary code via a crafted script to the /api/v3/pet...
CVE-2025-29157
An issue in petstore v.1.0.7 allows a remote attacker to execute arbitrary code via accessing a non-existent endpoint/cart, the server returns a 404-error page exposing sensitive information including the Servlet name default and server version...
CVE-2025-29157
An issue in petstore v.1.0.7 allows a remote attacker to execute arbitrary code via accessing a non-existent endpoint/cart, the server returns a 404-error page exposing sensitive information including the Servlet name default and server version...
CVE-2025-29156
Cross Site Scripting vulnerability in petstore v.1.0.7 allows a remote attacker to execute arbitrary code via a crafted script to the /api/v3/pet...
CVE-2025-29157
An issue in petstore v.1.0.7 allows a remote attacker to execute arbitrary code via accessing a non-existent endpoint/cart, the server returns a 404-error page exposing sensitive information including the Servlet name default and server version...
CVE-2025-29156
Cross Site Scripting vulnerability in petstore v.1.0.7 allows a remote attacker to execute arbitrary code via a crafted script to the /api/v3/pet...
CVE-2025-29155
An issue in petstore v.1.0.7 allows a remote attacker to execute arbitrary code via the DELETE endpoint...
CVE-2025-29155
An issue in petstore v.1.0.7 allows a remote attacker to execute arbitrary code via the DELETE endpoint...
CVE-2025-29156
The CVE-2025-29156 entry concerns the Swagger Petstore sample (petstore) software, version 1.0.7, with a Cross Site Scripting (XSS) vulnerability in the /api/v3/pet endpoint. The root cause is input handling that allows crafted scripts to be processed, enabling a remote attacker to execute arbitr...
CVE-2025-29157
CVE-2025-29157 concerns the Swagger Petstore sample (version 1.0.7). The issue occurs when an attacker accesses a non-existent endpoint like /cart, causing the server to return a 404 error page that reveals sensitive information, including the servlet name (default) and server version. The descri...
CVE-2025-29155
An issue in petstore v.1.0.7 allows a remote attacker to execute arbitrary code via the DELETE endpoint...
CVE-2025-29156
Cross Site Scripting vulnerability in petstore v.1.0.7 allows a remote attacker to execute arbitrary code via a crafted script to the /api/v3/pet...
Swagger Petstore Sample 安全漏洞
Swagger Petstore Sample is a sample petstore system in the Swagger open source. A security vulnerability exists in Swagger Petstore Sample version 1.0.7, which stems from a server returning a 404 error page and exposing sensitive information when accessing a non-existent endpoint or shopping cart...
CVE-2025-29155
The CVE-2025-29155 entry describes a vulnerability in Swagger Petstore Sample (petstore) version 1.0.7 where a remote attacker can execute arbitrary code via the DELETE endpoint. Technical details across connected sources confirm the affected product/version and that the vulnerability arises from...
Swagger Petstore Sample 安全漏洞
Swagger Petstore Sample is a sample petstore system in the Swagger open source. A security vulnerability exists in Swagger Petstore Sample version 1.0.7 that stems from the DELETE endpoint not properly validating input, which could lead to remote code execution...
Swagger Petstore Sample 安全漏洞
Swagger Petstore Sample is a sample petstore system in the Swagger open source. A security vulnerability exists in Swagger Petstore Sample version 1.0.7, which stems from the /api/v3/pet interface not validating specially crafted scripts, which could lead to a cross-site scripting attack...