36 matches found
EUVD-2024-49408
Malicious code in bioql PyPI...
EUVD-2024-51026
Malicious code in bioql PyPI...
EUVD-2025-10857
Malicious code in bioql PyPI...
CVE-2025-3572
SmartRobot from INTUMIT has a Server-Side Request Forgery vulnerability, allowing unauthenticated remote attackers to probe internal network and even access arbitrary local files on the server...
CVE-2025-3572
SmartRobot from INTUMIT has a Server-Side Request Forgery vulnerability, allowing unauthenticated remote attackers to probe internal network and even access arbitrary local files on the server...
CVE-2025-3572 INTUMIT SmartRobot - Server-Side Request Forgery
SmartRobot from INTUMIT has a Server-Side Request Forgery vulnerability, allowing unauthenticated remote attackers to probe internal network and even access arbitrary local files on the server...
CVE-2025-3572
CVE-2025-3572 concerns a Server-Side Request Forgery in INTUMIT’s SmartRobot. The issue allows unauthenticated remote attackers to probe internal networks and access arbitrary local files on the server via SSRF in the affected SmartRobot component. Public listings consistently describe the vulner...
CVE-2025-3572 INTUMIT SmartRobot - Server-Side Request Forgery
SmartRobot from INTUMIT has a Server-Side Request Forgery vulnerability, allowing unauthenticated remote attackers to probe internal network and even access arbitrary local files on the server...
Intumit SmartRobot 代码问题漏洞
Intumit SmartRobot is a web development framework from Intumit, Inc. A code issue vulnerability exists in Intumit SmartRobot that stems from vulnerability to server-side request forgery attacks...
CVE-2024-12652
A Improper Control of Generation of Code 'Code Injection' vulnerability in groovy script function in SmartRobot′s Conversational AI Platform before v7.2.0 allows remote authenticated users to perform arbitrary system commands via Groovy code...
CVE-2024-12652
A Improper Control of Generation of Code 'Code Injection' vulnerability in groovy script function in SmartRobot′s Conversational AI Platform before v7.2.0 allows remote authenticated users to perform arbitrary system commands via Groovy code...
CVE-2024-12652 Intumit SmartRobot′s Conversational AI Platform - Improper Control of Generation of Code ('Code Injection')
A Improper Control of Generation of Code 'Code Injection' vulnerability in groovy script function in SmartRobot′s Conversational AI Platform before v7.2.0 allows remote authenticated users to perform arbitrary system commands via Groovy code...
CVE-2024-12652 Intumit SmartRobot′s Conversational AI Platform - Improper Control of Generation of Code ('Code Injection')
A Improper Control of Generation of Code 'Code Injection' vulnerability in groovy script function in SmartRobot′s Conversational AI Platform before v7.2.0 allows remote authenticated users to perform arbitrary system commands via Groovy code...
CVE-2024-12652
CVE-2024-12652 affects Intumit SmartRobot’s Conversational AI Platform. A vulnerability in the groovy script function prior to v7.2.0 enables remote authenticated users to execute arbitrary system commands via Groovy code (Code Injection). This can impact availability, confidentiality, and integr...
Intumit SmartRobot Conversational AI Platform 安全漏洞
Intumit SmartRobot Conversational AI Platform is a conversational AI platform from Intumit. A security vulnerability previously existed in Intumit SmartRobot Conversational AI Platform version v7.2.0, which stemmed from an improper code generation control issue in Groovy script functions. An...
PT-2024-17692 · Smartrobot · Smartrobot'S Conversational Ai Platform
Name of the Vulnerable Software and Affected Versions: SmartRobot's Conversational AI Platform versions prior to 7.2.0 Description: A Code Injection vulnerability exists in the groovy script function of SmartRobot's Conversational AI Platform, allowing remote authenticated users to perform...
CVE-2024-8776
SmartRobot from INTUMIT does not properly validate a specific page parameter, allowing unautheticated remote attackers to inject JavaScript code to the parameter for Reflected Cross-site Scripting attacks...
CVE-2024-8776
SmartRobot from INTUMIT does not properly validate a specific page parameter, allowing unautheticated remote attackers to inject JavaScript code to the parameter for Reflected Cross-site Scripting attacks...
CVE-2024-8776
CVE-2024-8776 affects Intumit SmartRobot. Root cause: insufficient validation of a page parameter enables unauthenticated remote attackers to perform reflected Cross-Site Scripting by injecting JavaScript into the parameter. Impact per sources: potential JavaScript execution in responses; CVSS 3....
CVE-2024-8776 INTUMIT SmartRobot - Cross-site Scripting
SmartRobot from INTUMIT does not properly validate a specific page parameter, allowing unautheticated remote attackers to inject JavaScript code to the parameter for Reflected Cross-site Scripting attacks...