22 matches found
EUVD-2022-53407
Malicious code in bioql PyPI...
EUVD-2025-20102
Malicious code in bioql PyPI...
EUVD-2025-8249
Malicious code in bioql PyPI...
EUVD-2024-49499
Malicious code in bioql PyPI...
Exploit for CVE-2025-47227
🔓 CVE-2025-47227 — Critical Admin Password Reset Bypass in Scr...
PT-2025-28035
Name of the Vulnerable Software and Affected Versions: Netmake ScriptCase versions 9.12.006 and earlier Description: The issue allows authenticated attackers to execute system commands via crafted HTTP requests due to shell injection in the SSH connection settings. Additionally, there is a...
CVE-2024-46083
Scriptcase v9.10.023 and before is vulnerable to Cross Site Scripting XSS. An authenticated user can craft malicious payloads using the messages feature, which allows the injection of malicious code into any user's account on the platform. It is important to note that regular users can trigger...
CVE-2024-46079
Scriptcase v9.10.023 and before is vulnerable to Cross Site Scripting XSS in projnew.php via the Descricao parameter...
CVE-2024-46081
Scriptcase v9.10.023 and before is vulnerable to Cross Site Scripting XSS. An authenticated user can craft malicious payloads in the To-Do List. The assigned user will trigger a stored XSS, which is particularly dangerous because tasks are assigned to various users on the platform...
CVE-2024-46084
Scriptcase 9.10.023 and before is vulnerable to Remote Code Execution RCE via the nmunzip function...
CVE-2024-46080
Scriptcase v9.10.023 and before is vulnerable to Remote Code Execution RCE via the nmzip function...
CVE-2024-46082
Scriptcase v.9.10.023 and before is vulnerable to Cross Site Scripting XSS in nmcor.php via the form and field parameters...
CVE-2022-32199
dbconvert.php in ScriptCase through 9.9.008 is vulnerable to Arbitrary File Deletion by an admin via a directory traversal sequence in the file parameter...
CVE-2025-29322
A cross-site scripting XSS vulnerability in ScriptCase before v1.0.003 - Build 3 allows attackers to execute arbitrary code via a crafted payload to the "Connection Name" in the New Connection and Rename Connection pages...
CVE-2025-29322
A cross-site scripting XSS vulnerability in ScriptCase before v1.0.003 - Build 3 allows attackers to execute arbitrary code via a crafted payload to the "Connection Name" in the New Connection and Rename Connection pages...
CVE-2025-29322
ScriptCase CVE-2025-29322 describes a cross-site scripting (XSS) vulnerability in ScriptCase prior to v1.0.003 – Build 3. The issue allows an attacker to execute arbitrary code through a crafted payload entered in the Connection Name field on the New Connection and Rename Connection pages. The CV...
CVE-2025-29322
A cross-site scripting XSS vulnerability in ScriptCase before v1.0.003 - Build 3 allows attackers to execute arbitrary code via a crafted payload to the "Connection Name" in the New Connection and Rename Connection pages...
CVE-2024-46080
Scriptcase v9.10.023 and before is vulnerable to Remote Code Execution RCE via the nmzip function...
CVE-2024-46081
Scriptcase v9.10.023 and before is vulnerable to Cross Site Scripting XSS. An authenticated user can craft malicious payloads in the To-Do List. The assigned user will trigger a stored XSS, which is particularly dangerous because tasks are assigned to various users on the platform...
CVE-2024-46079
Affected product: Scriptcase v9.10.023 and earlier. Vulnerability: Cross Site Scripting (XSS) in proj_new.php via the Descricao parameter. Root cause / nature: XSS exposure reported across multiple sources; CVSS 3.1 base score 6.1 (Medium) with Network attack vector, low attack complexity, no pri...