99 matches found
EUVD-2022-46651
Malicious code in bioql PyPI...
EUVD-2022-46648
Malicious code in bioql PyPI...
EUVD-2022-32761
Malicious code in bioql PyPI...
EUVD-2025-13593
Malicious code in bioql PyPI...
EUVD-2025-25880
Malicious code in bioql PyPI...
EUVD-2023-36437
Malicious code in bioql PyPI...
CVE-2025-27388
CVE-2025-27388 describes an issue where loading arbitrary external URLs through WebView components can inject malicious JavaScript to steal user tokens. The initial entry notes high impact (CVSS 4.0 base score 8.3) with NETWORK attack vector and high confidentiality impact. Connected documents co...
CVE-2025-6259
The esri-map-view plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's esri-map-view shortcode in all versions up to, and including, 1.2.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2025-6259 esri-map-view <= 1.2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via esri-map-view Shortcode
The esri-map-view plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's esri-map-view shortcode in all versions up to, and including, 1.2.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
Unspecified Vulnerability in Oracle Database Server (CNVD-2025-24075)
Oracle Database Server is a set of relational database management system of the United States Oracle Oracle. The database management system provides data management, distributed processing and other functions. A security vulnerability exists in Oracle Database Materialized View for Oracle Databas...
CVE-2025-51658
SemCms v5.0 was discovered to contain a SQL injection vulnerability via the ID parameter at SEMCMSInquiryView.php...
CVE-2023-32066
Time Tracker is an open source time tracking system. The week view plugin in Time Tracker versions 1.22.11.5782 and prior was not escaping titles for notes in week view table. Because of that, it was possible for a logged in user to enter notes with elements of JavaScript. Such script could then ...
CVE-2021-34883
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...
CVE-2021-34944
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...
CVE-2021-34916
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...
CVE-2021-34897
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...
CVE-2021-34905
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...
CVE-2021-34886
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...
CVE-2021-34894
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...
CVE-2021-21260
Online Invoicing System OIS is open source software which is a lean invoicing system for small businesses, consultants and freelancers created using AppGini. In OIS version 4.0 there is a stored XSS which can enables an attacker takeover of the admin account through a payload that extracts a csrf...