29 matches found
EUVD-2024-54225
Malicious code in bioql PyPI...
EUVD-2024-54228
Malicious code in bioql PyPI...
EUVD-2024-54226
Malicious code in bioql PyPI...
EUVD-2024-54227
Malicious code in bioql PyPI...
CVE-2024-50707
Unauthenticated remote code execution vulnerability in Uniguest Tripleplay before 24.2.1 allows remote attackers to execute arbitrary code via the X-Forwarded-For header in an HTTP GET request...
CVE-2024-50705
Unauthenticated reflected cross-site scripting XSS vulnerability in Uniguest Tripleplay before 24.2.1 allows remote attackers to execute arbitrary scripts via the page parameter...
CVE-2024-50706
Unauthenticated SQL injection vulnerability in Uniguest Tripleplay version 23.1+ allows remote attackers to execute arbitrary SQL queries on the backend database...
CVE-2024-50704
Unauthenticated remote code execution vulnerability in Uniguest Tripleplay before 24.2.1 allows remote attackers to execute arbitrary code via a specially crafted HTTP POST request...
CVE-2024-50707
Unauthenticated remote code execution vulnerability in Uniguest Tripleplay before 24.2.1 allows remote attackers to execute arbitrary code via the X-Forwarded-For header in an HTTP GET request...
CVE-2024-50707
Unauthenticated remote code execution vulnerability in Uniguest Tripleplay before 24.2.1 allows remote attackers to execute arbitrary code via the X-Forwarded-For header in an HTTP GET request...
CVE-2024-50704
Unauthenticated remote code execution vulnerability in Uniguest Tripleplay before 24.2.1 allows remote attackers to execute arbitrary code via a specially crafted HTTP POST request...
CVE-2024-50704
Unauthenticated remote code execution vulnerability in Uniguest Tripleplay before 24.2.1 allows remote attackers to execute arbitrary code via a specially crafted HTTP POST request...
CVE-2024-50705
Unauthenticated reflected cross-site scripting XSS vulnerability in Uniguest Tripleplay before 24.2.1 allows remote attackers to execute arbitrary scripts via the page parameter...
CVE-2024-50705
Unauthenticated reflected cross-site scripting XSS vulnerability in Uniguest Tripleplay before 24.2.1 allows remote attackers to execute arbitrary scripts via the page parameter...
CVE-2024-50704
The CVE details an unauthenticated remote code execution in Uniguest Tripleplay before 24.2.1, exploitable via a specially crafted HTTP POST. Affected component: Tripleplay software; vulnerability arises from the HTTP POST handling. Impact is rated HIGH/CRITICAL (CVSS 3.1: AV:N/AC:L/PR:N/UI:N/S:C...
CVE-2024-50707
CVE-2024-50707 is an unauthenticated remote code‑execution in Uniguest Tripleplay prior to version 24.2.1. The issue can be triggered by sending a crafted HTTP GET containing an X-Forwarded-For header, allowing an attacker to execute arbitrary code on affected systems. The CVSS v3.1 base score is...
CVE-2024-50707
Unauthenticated remote code execution vulnerability in Uniguest Tripleplay before 24.2.1 allows remote attackers to execute arbitrary code via the X-Forwarded-For header in an HTTP GET request...
CVE-2024-50704
Unauthenticated remote code execution vulnerability in Uniguest Tripleplay before 24.2.1 allows remote attackers to execute arbitrary code via a specially crafted HTTP POST request...
CVE-2024-50706
Unauthenticated SQL injection vulnerability in Uniguest Tripleplay version 23.1+ allows remote attackers to execute arbitrary SQL queries on the backend database...
Uniguest Tripleplay SQL注入漏洞
Uniguest Tripleplay is a multimedia player from Uniguest. A SQL injection vulnerability exists in Uniguest Tripleplay versions prior to 24.2.1 that stems from SQL injection...