222 matches found
EUVD-2023-34371
Malicious code in bioql PyPI...
EUVD-2025-4660
Malicious code in bioql PyPI...
EUVD-2023-55932
Malicious code in bioql PyPI...
CVE-2025-10759
A vulnerability was detected in Webkul QloApps up to 1.7.0. This affects an unknown function of the component CSRF Token Handler. Performing manipulation of the argument token results in authorization bypass. The attack may be initiated remotely. The exploit is now public and may be used. The...
CVE-2025-10759
A vulnerability was detected in Webkul QloApps up to 1.7.0. This affects an unknown function of the component CSRF Token Handler. Performing manipulation of the argument token results in authorization bypass. The attack may be initiated remotely. The exploit is now public and may be used. The...
CVE-2025-10759
A vulnerability was detected in Webkul QloApps up to 1.7.0. This affects an unknown function of the component CSRF Token Handler. Performing manipulation of the argument token results in authorization bypass. The attack may be initiated remotely. The exploit is now public and may be used. The...
CVE-2025-10759
Webkul QloApps up to 1.7.0 is affected by a CSRF Token Handler vulnerability. Manipulating the token argument can bypass authorization, potentially enabling remote abuse. The exploit is public. Vendor states a fix will be implemented in the next major release; no specific patched version is provi...
CVE-2025-10759 Webkul QloApps CSRF Token authorization
A vulnerability was detected in Webkul QloApps up to 1.7.0. This affects an unknown function of the component CSRF Token Handler. Performing manipulation of the argument token results in authorization bypass. The attack may be initiated remotely. The exploit is now public and may be used. The...
CVE-2025-10759 Webkul QloApps CSRF Token authorization
A vulnerability was detected in Webkul QloApps up to 1.7.0. This affects an unknown function of the component CSRF Token Handler. Performing manipulation of the argument token results in authorization bypass. The attack may be initiated remotely. The exploit is now public and may be used. The...
Webkul QloApps 安全漏洞
Webkul QloApps is a hotel reservation management software from Webkul. A security vulnerability exists in Webkul QloApps version 1.7.0 and earlier, which stems from the incorrect manipulation of the parameter token in the CSRF Token Handler component, which could lead to authorization bypass...
PT-2025-38648
Name of the Vulnerable Software and Affected Versions Webkul QloApps versions up to 1.7.0 Description A flaw exists in Webkul QloApps related to the CSRF Token Handler component. Manipulation of the token argument can lead to authorization bypass, potentially allowing remote attackers to compromi...
CVE-2025-29009
Unrestricted Upload of File with Dangerous Type vulnerability in Webkul Medical Prescription Attachment Plugin for WooCommerce medical-prescription-attachment-plugin-for-woocommerce allows Upload a Web Shell to a Web Server.This issue affects Medical Prescription Attachment Plugin for WooCommerce...
CVE-2025-29009
Unrestricted Upload of File with Dangerous Type vulnerability in Webkul Medical Prescription Attachment Plugin for WooCommerce medical-prescription-attachment-plugin-for-woocommerce allows Upload a Web Shell to a Web Server.This issue affects Medical Prescription Attachment Plugin for WooCommerce...
CVE-2025-29009 WordPress Medical Prescription Attachment Plugin for WooCommerce <= 1.2.3 - Arbitrary File Upload Vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Webkul Medical Prescription Attachment Plugin for WooCommerce allows Upload a Web Shell to a Web Server. This issue affects Medical Prescription Attachment Plugin for WooCommerce: from n/a through 1.2.3...
CVE-2025-29009 WordPress Medical Prescription Attachment Plugin for WooCommerce <= 1.2.3 - Arbitrary File Upload Vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Webkul Medical Prescription Attachment Plugin for WooCommerce medical-prescription-attachment-plugin-for-woocommerce allows Upload a Web Shell to a Web Server.This issue affects Medical Prescription Attachment Plugin for WooCommerce...
CVE-2025-6173
A vulnerability classified as critical was found in Webkul QloApps 1.6.1. Affected by this vulnerability is an unknown functionality of the file /admin/ajaxproductslist.php. The manipulation of the argument packItself leads to sql injection. The attack can be launched remotely. The exploit has be...
CVE-2025-6173
A vulnerability classified as critical was found in Webkul QloApps 1.6.1. Affected by this vulnerability is an unknown functionality of the file /admin/ajaxproductslist.php. The manipulation of the argument packItself leads to sql injection. The attack can be launched remotely. The exploit has be...
CVE-2025-6173
A vulnerability classified as critical was found in Webkul QloApps 1.6.1. Affected by this vulnerability is an unknown functionality of the file /admin/ajaxproductslist.php. The manipulation of the argument packItself leads to sql injection. The attack can be launched remotely. The exploit has be...
CVE-2025-6173
Webkul QloApps 1.6.1 is affected by a SQL injection in /admin/ajax_products_list.php via manipulation of the packItself parameter. The vulnerability is exploitable remotely; exploitation details have been disclosed publicly. The vendor notes admin-privilege prerequisites and a fix is planned for ...
CVE-2025-6173 Webkul QloApps ajax_products_list.php sql injection
A vulnerability classified as critical was found in Webkul QloApps 1.6.1. Affected by this vulnerability is an unknown functionality of the file /admin/ajaxproductslist.php. The manipulation of the argument packItself leads to sql injection. The attack can be launched remotely. The exploit has be...