2169 matches found
EUVD-2025-11105
Malicious code in bioql PyPI...
EUVD-2025-19288
Malicious code in bioql PyPI...
EUVD-2025-11728
Malicious code in bioql PyPI...
EUVD-2024-43529
Malicious code in bioql PyPI...
EUVD-2024-43324
Malicious code in bioql PyPI...
EUVD-2024-45548
Malicious code in bioql PyPI...
EUVD-2024-45903
Malicious code in bioql PyPI...
EUVD-2024-44938
Malicious code in bioql PyPI...
EUVD-2024-52944
Malicious code in bioql PyPI...
CVE-2025-56162
YOSHOP 2.0 suffers from an unauthenticated SQL injection in the goodsIds parameter of the /api/goods/listByIds endpoint. The getListByIds function concatenates user input into orderRaw'fieldgoodsid, ...', allowing attackers to: a enumerate or modify database data, including dumping admin password...
CVE-2025-56162
YOSHOP 2.0 suffers from an unauthenticated SQL injection in the goodsIds parameter of the /api/goods/listByIds endpoint. The getListByIds function concatenates user input into orderRaw'fieldgoodsid, ...', allowing attackers to: a enumerate or modify database data, including dumping admin password...
CVE-2025-56162
YOSHOP 2.0 suffers from an unauthenticated SQL injection in the goodsIds parameter of the /api/goods/listByIds endpoint. The getListByIds function concatenates user input into orderRaw'fieldgoodsid, ...', allowing attackers to: a enumerate or modify database data, including dumping admin password...
PT-2025-40400
Name of the Vulnerable Software and Affected Versions YOSHOP version 2.0 Description The software is susceptible to an unauthenticated SQL injection through the goodsIds parameter of the /api/goods/listByIds API endpoint. The getListByIds function improperly concatenates user-supplied input into ...
VulnCheck KEV: CVE-2024-56064
Unrestricted Upload of File with Dangerous Type vulnerability in azzaroco WP SuperBackup indeed-wp-superbackup allows Upload a Web Shell to a Web Server.This issue affects WP SuperBackup: from n/a through = 2.3.3...
WordPress Plugin AR For WordPress Cross-Site Request Forgery Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A cross-site request forgery vulnerability exists in the WordPress plugin AR For WordPress, whi...
CVE-2025-60219
Unrestricted Upload of File with Dangerous Type vulnerability in HaruTheme WooCommerce Designer Pro wc-designer-pro allows Upload a Web Shell to a Web Server.This issue affects WooCommerce Designer Pro: from n/a through = 1.9.24...
CVE-2025-60156
Cross-Site Request Forgery CSRF vulnerability in webandprint AR For WordPress ar-for-wordpress allows Upload a Web Shell to a Web Server.This issue affects AR For WordPress: from n/a through = 8.36...
CVE-2025-60219
Unrestricted Upload of File with Dangerous Type vulnerability in HaruTheme WooCommerce Designer Pro wc-designer-pro allows Upload a Web Shell to a Web Server.This issue affects WooCommerce Designer Pro: from n/a through = 1.9.24...
CVE-2025-60219 WordPress WooCommerce Designer Pro Plugin <= 1.9.24 - Arbitrary File Upload Vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in HaruTheme WooCommerce Designer Pro wc-designer-pro allows Upload a Web Shell to a Web Server.This issue affects WooCommerce Designer Pro: from n/a through = 1.9.24...
CVE-2025-60219 WordPress WooCommerce Designer Pro Plugin <= 1.9.24 - Arbitrary File Upload Vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in HaruTheme WooCommerce Designer Pro wc-designer-pro allows Upload a Web Shell to a Web Server.This issue affects WooCommerce Designer Pro: from n/a through = 1.9.24...