Lucene search
K

4 matches found

EUVD
EUVD
added 2026/06/18 6:6 a.m.10 views

EUVD-2026-37855

Cotonti 1.0.0 master branch, commit f43f1fc3 is vulnerable to Cross-Site Request Forgery in the Personal File Storage PFS module. In modules/pfs/inc/pfs.main.php, the file upload action 'a=upload' processes uploaded files without calling cotcheckxg to validate the anti-CSRF token, even though...

8.6CVSS5.4AI score0.00177EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-32315

Malicious code in bioql PyPI...

7.1CVSS6.6AI score0.00618EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2024/01/11 12:0 a.m.8 views

The vulnerability of the UpLoadAction class in the software for managing power sources of Voltronic Power ViewPower allows a perpetrator to execute arbitrary code and gain full control over the system.

The vulnerability of the UpLoadAction class in the software for managing power sources of Voltronic Power ViewPower Pro relates to the unlimited loading of dangerous files. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code and gain full control over the...

10CVSS8.2AI score0.01483EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/12/20 12:0 a.m.10 views

PT-2023-8170 · Voltronic Power · Voltronic Power Viewpower

Name of the Vulnerable Software and Affected Versions: Voltronic Power ViewPower Pro affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this...

10CVSS7.7AI score0.01483EPSS
Exploits0References8
Rows per page
Query Builder