4 matches found
EUVD-2026-37855
Cotonti 1.0.0 master branch, commit f43f1fc3 is vulnerable to Cross-Site Request Forgery in the Personal File Storage PFS module. In modules/pfs/inc/pfs.main.php, the file upload action 'a=upload' processes uploaded files without calling cotcheckxg to validate the anti-CSRF token, even though...
EUVD-2025-32315
Malicious code in bioql PyPI...
The vulnerability of the UpLoadAction class in the software for managing power sources of Voltronic Power ViewPower allows a perpetrator to execute arbitrary code and gain full control over the system.
The vulnerability of the UpLoadAction class in the software for managing power sources of Voltronic Power ViewPower Pro relates to the unlimited loading of dangerous files. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code and gain full control over the...
PT-2023-8170 · Voltronic Power · Voltronic Power Viewpower
Name of the Vulnerable Software and Affected Versions: Voltronic Power ViewPower Pro affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this...