Lucene search
K

140 matches found

RedhatCVE
RedhatCVE
added 2025/10/06 6:14 a.m.16 views

CVE-2025-58769

auth0-PHP is an SDK for Auth0 Authentication and Management APIs. In versions 3.3.0 through 8.16.0, the Bulk User Import endpoint in applications built with the SDK does not validate the file-path wrapper or value. Without proper validation, affected applications may accept arbitrary file paths o...

3.3CVSS7AI score0.00329EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.26 views

EUVD-2025-32055

Malicious code in bioql PyPI...

3.3CVSS6.3AI score0.00329EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-29938

Malicious code in bioql PyPI...

8.8CVSS8.5AI score0.03271EPSS
Exploits4References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.27 views

EUVD-2025-32054

Malicious code in bioql PyPI...

3.3CVSS6.3AI score0.00329EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.35 views

EUVD-2025-32043

Malicious code in bioql PyPI...

3.3CVSS6.3AI score0.00329EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-34944

Malicious code in bioql PyPI...

8.2CVSS8.1AI score0.00384EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-42699

Malicious code in bioql PyPI...

6.4CVSS6.6AI score0.0032EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-53588

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.00442EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-42696

Malicious code in bioql PyPI...

6CVSS6.6AI score0.00395EPSS
Exploits0References3
OSV
OSV
added 2025/10/01 9:21 p.m.1 views

GHSA-7JP2-5H22-M432 Auth0 Symfony SDK Does Not Properly Handle File Types in Bulk User Import

Overview In applications built with the Auth0-PHP SDK, the Bulk User Import endpoint does not validate the file path wrapper or value. Without proper validation, affected applications may accept arbitrary file paths or URLs. Am I affected? You are affected by this vulnerability if you meet the...

3.3CVSS7.1AI score0.00329EPSS
Exploits0References5
OSV
OSV
added 2025/10/01 9:21 p.m.4 views

GHSA-HJFH-5JMM-XR24 laravel-auth0 SDK Does Not Properly Handle File Types in Bulk User Import

Overview In applications built with the Auth0-PHP SDK, the Bulk User Import endpoint does not validate the file path wrapper or value. Without proper validation, affected applications may accept arbitrary file paths or URLs. Am I affected? You are affected by this vulnerability if you meet the...

3.3CVSS7.1AI score0.00329EPSS
Exploits0References5
Snyk
Snyk
added 2025/10/01 8:41 p.m.1 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the Bulk User Import endpoint due to improper sanitization of the file path wrapper and value. An attacker can access unauthorized files or resources by supplying arbitrary file paths or URLs. Details A Directory...

5.1CVSS7.4AI score0.00329EPSS
Exploits0References2
NVD
NVD
added 2025/10/01 8:18 p.m.54 views

CVE-2025-58769

auth0-PHP is an SDK for Auth0 Authentication and Management APIs. In versions 3.3.0 through 8.16.0, the Bulk User Import endpoint in applications built with the SDK does not validate the file-path wrapper or value. Without proper validation, affected applications may accept arbitrary file paths o...

3.3CVSS0.00329EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/10/01 7:57 p.m.1 views

CVE-2025-58769 auth0-PHP: Improper File Type Handling in Bulk User Import

auth0-PHP is an SDK for Auth0 Authentication and Management APIs. In versions 3.3.0 through 8.16.0, the Bulk User Import endpoint in applications built with the SDK does not validate the file-path wrapper or value. Without proper validation, affected applications may accept arbitrary file paths o...

3.3CVSS6.6AI score0.00329EPSS
Exploits0References6
OSV
OSV
added 2025/10/01 7:57 p.m.8 views

CVE-2025-58769 auth0-PHP: Improper File Type Handling in Bulk User Import

auth0-PHP is an SDK for Auth0 Authentication and Management APIs. In versions 3.3.0 through 8.16.0, the Bulk User Import endpoint in applications built with the SDK does not validate the file-path wrapper or value. Without proper validation, affected applications may accept arbitrary file paths o...

3.3CVSS6.7AI score0.00329EPSS
Exploits0References8
CVE
CVE
added 2025/10/01 7:57 p.m.18 views

CVE-2025-58769

CVE-2025-58769 affects the Auth0-PHP SDK (versions 3.3.0–8.16.0) where the Bulk User Import endpoint does not validate the file-path wrapper or value, allowing arbitrary file paths or URLs. This impacts applications directly using the Auth0-PHP SDK or through Auth0/symfony, Auth0/laravel-auth0, a...

3.3CVSS6.6AI score0.00329EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/10/01 12:0 a.m.4 views

PT-2025-40296

Name of the Vulnerable Software and Affected Versions auth0-PHP versions 3.3.0 through 8.16.0 Description The Bulk User Import endpoint does not validate file path wrappers or values, potentially allowing acceptance of arbitrary file paths or URLs. This affects applications directly using the...

3.3CVSS6.8AI score0.00329EPSS
Exploits0References21
RedhatCVE
RedhatCVE
added 2025/05/23 7:33 a.m.13 views

CVE-2024-22151

Missing Authorization vulnerability in Codection Import and export users and customers.This issue affects Import and export users and customers: from n/a through 1.24.6...

5.3CVSS6.9AI score0.00317EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:23 p.m.5 views

CVE-2020-26517

A cross-site scripting XSS issue was discovered in Intland codeBeamer ALM 10.x through 10.1.SP4. It is possible to perform XSS attacks through using the WebDAV functionality to upload files to a project Authn users, using the users import functionality Admin only, and changing the login text in t...

4.8CVSS5.4AI score0.00542EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 10:57 a.m.11 views

CVE-2017-9517

atmail before 7.8.0.2 has CSRF, allowing an attacker to upload and import users via CSV...

8.8CVSS7AI score0.00451EPSS
Exploits0References1
Rows per page
Query Builder