78 matches found
Soul-Collector
Windows Post-Exploitation & Credential Hunting Tool Uma ferra...
CRM Sistemas MegaCMS SQL注入漏洞
CRM Sistemas MegaCMS is a content management system provided by CRM Sistemas, which offers features for creating and managing website content. Version 12.0.0 of CRM Sistemas MegaCMS has a SQL injection vulnerability. This vulnerability stems from insufficient validation and cleaning of user input...
CVE-2024-2479
A vulnerability classified as problematic has been found in MHA Sistemas arMHAzena 9.6.0.0. This affects an unknown part of the component Cadastro Page. The manipulation of the argument Query leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been...
CVE-2024-2480
A vulnerability classified as critical was found in MHA Sistemas arMHAzena 9.6.0.0. This vulnerability affects unknown code of the component Executa Page. The manipulation of the argument Companhia/Planta/Agente de/Agente até leads to sql injection. The attack can be initiated remotely. The explo...
EUVD-2025-6279
Malicious code in bioql PyPI...
EUVD-2025-31083
Malicious code in bioql PyPI...
EUVD-2025-1774
Malicious code in bioql PyPI...
EUVD-2024-27429
Malicious code in bioql PyPI...
EUVD-2024-43255
Malicious code in bioql PyPI...
EUVD-2024-27428
Malicious code in bioql PyPI...
Sistemas Pleno Gestão de Locação 安全漏洞
Sistemas Pleno Gestão de Locação is a real estate rental software from the Brazilian company Sistemas Pleno. A security vulnerability exists in Sistemas Pleno Gestão de Locação version 2025.7.x and earlier, which stems from incorrect manipulation of the parameter pescpf in the file...
CVE-2025-0578
A vulnerability was found in Facile Sistemas Cloud Apps up to 20250107. It has been classified as problematic. Affected is an unknown function of the file /account/forgotpassword of the component Password Reset Handler. The manipulation of the argument reterros leads to cross site scripting. It i...
CVE-2024-51182
HTML Injection vulnerability in Celk Sistemas Celk Saude v.3.1.252.1 allows a remote attacker to inject arbitrary HTML code via the "erro" parameter...
CVE-2024-48761
Reflected XSS vulnerability in Celk Sistemas Celk Saude v.3.1.252.1 allows a remote attacker to inject arbitrary JavaScript code via the "erro" parameter...
CVE-2024-55198
User Enumeration via Discrepancies in Error Messages in the Celk Sistemas Celk Saude v.3.1.252.1 password recovery functionality which allows a remote attacker to enumerate users through discrepancies in the responses...
CVE-2024-55199
A Stored Cross Site Scripting XSS vulnerability in Celk Sistemas Celk Saude v.3.1.252.1 allows a remote attacker to store JavaScript code inside a PDF file through the file upload feature. When the file is rendered, the injected code is executed on the user's browser...
CVE-2024-55198
User Enumeration via Discrepancies in Error Messages in the Celk Sistemas Celk Saude v.3.1.252.1 password recovery functionality which allows a remote attacker to enumerate users through discrepancies in the responses...
CVE-2024-55198
User Enumeration via Discrepancies in Error Messages in the Celk Sistemas Celk Saude v.3.1.252.1 password recovery functionality which allows a remote attacker to enumerate users through discrepancies in the responses...
CVE-2024-55198
User Enumeration via Discrepancies in Error Messages in the Celk Sistemas Celk Saude v.3.1.252.1 password recovery functionality which allows a remote attacker to enumerate users through discrepancies in the responses...
PT-2025-11185 · Celk Sistemas · Celk Saude
Name of the Vulnerable Software and Affected Versions: Celk Sistemas Celk Saude version 3.1.252.1 Description: The issue concerns user enumeration via discrepancies in error messages in the password recovery functionality, allowing a remote attacker to enumerate users through different responses...