Lucene search
K

222 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-34371

Malicious code in bioql PyPI...

5.4CVSS4.2AI score0.00592EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-4660

Malicious code in bioql PyPI...

4.2CVSS6.5AI score0.00205EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-55932

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.0109EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/09/23 1:46 a.m.6 views

CVE-2025-10759

A vulnerability was detected in Webkul QloApps up to 1.7.0. This affects an unknown function of the component CSRF Token Handler. Performing manipulation of the argument token results in authorization bypass. The attack may be initiated remotely. The exploit is now public and may be used. The...

6.9CVSS6.9AI score0.0032EPSS
Exploits1References1
NVD
NVD
added 2025/09/21 1:15 a.m.9 views

CVE-2025-10759

A vulnerability was detected in Webkul QloApps up to 1.7.0. This affects an unknown function of the component CSRF Token Handler. Performing manipulation of the argument token results in authorization bypass. The attack may be initiated remotely. The exploit is now public and may be used. The...

6.9CVSS0.0032EPSS
Exploits1References5
OSV
OSV
added 2025/09/21 1:15 a.m.6 views

CVE-2025-10759

A vulnerability was detected in Webkul QloApps up to 1.7.0. This affects an unknown function of the component CSRF Token Handler. Performing manipulation of the argument token results in authorization bypass. The attack may be initiated remotely. The exploit is now public and may be used. The...

6.9CVSS7AI score
Exploits0References5
CVE
CVE
added 2025/09/21 1:2 a.m.21 views

CVE-2025-10759

Webkul QloApps up to 1.7.0 is affected by a CSRF Token Handler vulnerability. Manipulating the token argument can bypass authorization, potentially enabling remote abuse. The exploit is public. Vendor states a fix will be implemented in the next major release; no specific patched version is provi...

6.9CVSS5.5AI score0.0032EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2025/09/21 1:2 a.m.3 views

CVE-2025-10759 Webkul QloApps CSRF Token authorization

A vulnerability was detected in Webkul QloApps up to 1.7.0. This affects an unknown function of the component CSRF Token Handler. Performing manipulation of the argument token results in authorization bypass. The attack may be initiated remotely. The exploit is now public and may be used. The...

6.9CVSS6.5AI score0.0032EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/09/21 1:2 a.m.9 views

CVE-2025-10759 Webkul QloApps CSRF Token authorization

A vulnerability was detected in Webkul QloApps up to 1.7.0. This affects an unknown function of the component CSRF Token Handler. Performing manipulation of the argument token results in authorization bypass. The attack may be initiated remotely. The exploit is now public and may be used. The...

6.9CVSS0.0032EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/09/21 12:0 a.m.2 views

Webkul QloApps 安全漏洞

Webkul QloApps is a hotel reservation management software from Webkul. A security vulnerability exists in Webkul QloApps version 1.7.0 and earlier, which stems from the incorrect manipulation of the parameter token in the CSRF Token Handler component, which could lead to authorization bypass...

6.9CVSS5.3AI score0.0032EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/09/21 12:0 a.m.11 views

PT-2025-38648

Name of the Vulnerable Software and Affected Versions Webkul QloApps versions up to 1.7.0 Description A flaw exists in Webkul QloApps related to the CSRF Token Handler component. Manipulation of the token argument can lead to authorization bypass, potentially allowing remote attackers to compromi...

6.9CVSS5.1AI score0.0032EPSS
Exploits1References8
RedhatCVE
RedhatCVE
added 2025/07/18 11:54 a.m.13 views

CVE-2025-29009

Unrestricted Upload of File with Dangerous Type vulnerability in Webkul Medical Prescription Attachment Plugin for WooCommerce medical-prescription-attachment-plugin-for-woocommerce allows Upload a Web Shell to a Web Server.This issue affects Medical Prescription Attachment Plugin for WooCommerce...

10CVSS5.9AI score0.00544EPSS
Exploits3References1
NVD
NVD
added 2025/07/16 12:15 p.m.9 views

CVE-2025-29009

Unrestricted Upload of File with Dangerous Type vulnerability in Webkul Medical Prescription Attachment Plugin for WooCommerce medical-prescription-attachment-plugin-for-woocommerce allows Upload a Web Shell to a Web Server.This issue affects Medical Prescription Attachment Plugin for WooCommerce...

10CVSS0.00544EPSS
Exploits3References1
Vulnrichment
Vulnrichment
added 2025/07/16 11:28 a.m.6 views

CVE-2025-29009 WordPress Medical Prescription Attachment Plugin for WooCommerce <= 1.2.3 - Arbitrary File Upload Vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Webkul Medical Prescription Attachment Plugin for WooCommerce allows Upload a Web Shell to a Web Server. This issue affects Medical Prescription Attachment Plugin for WooCommerce: from n/a through 1.2.3...

10CVSS6.4AI score0.00544EPSS
Exploits3References1
Cvelist
Cvelist
added 2025/07/16 11:28 a.m.18 views

CVE-2025-29009 WordPress Medical Prescription Attachment Plugin for WooCommerce <= 1.2.3 - Arbitrary File Upload Vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Webkul Medical Prescription Attachment Plugin for WooCommerce medical-prescription-attachment-plugin-for-woocommerce allows Upload a Web Shell to a Web Server.This issue affects Medical Prescription Attachment Plugin for WooCommerce...

10CVSS0.00544EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2025/06/19 7:19 a.m.6 views

CVE-2025-6173

A vulnerability classified as critical was found in Webkul QloApps 1.6.1. Affected by this vulnerability is an unknown functionality of the file /admin/ajaxproductslist.php. The manipulation of the argument packItself leads to sql injection. The attack can be launched remotely. The exploit has be...

7.2CVSS5.2AI score0.00468EPSS
Exploits1References1
OSV
OSV
added 2025/06/17 7:15 a.m.3 views

CVE-2025-6173

A vulnerability classified as critical was found in Webkul QloApps 1.6.1. Affected by this vulnerability is an unknown functionality of the file /admin/ajaxproductslist.php. The manipulation of the argument packItself leads to sql injection. The attack can be launched remotely. The exploit has be...

7.2CVSS7.6AI score
Exploits0References5
NVD
NVD
added 2025/06/17 7:15 a.m.18 views

CVE-2025-6173

A vulnerability classified as critical was found in Webkul QloApps 1.6.1. Affected by this vulnerability is an unknown functionality of the file /admin/ajaxproductslist.php. The manipulation of the argument packItself leads to sql injection. The attack can be launched remotely. The exploit has be...

7.2CVSS0.00468EPSS
Exploits1References5
CVE
CVE
added 2025/06/17 6:31 a.m.39 views

CVE-2025-6173

Webkul QloApps 1.6.1 is affected by a SQL injection in /admin/ajax_products_list.php via manipulation of the packItself parameter. The vulnerability is exploitable remotely; exploitation details have been disclosed publicly. The vendor notes admin-privilege prerequisites and a fix is planned for ...

7.2CVSS7.6AI score0.00468EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2025/06/17 6:31 a.m.21 views

CVE-2025-6173 Webkul QloApps ajax_products_list.php sql injection

A vulnerability classified as critical was found in Webkul QloApps 1.6.1. Affected by this vulnerability is an unknown functionality of the file /admin/ajaxproductslist.php. The manipulation of the argument packItself leads to sql injection. The attack can be launched remotely. The exploit has be...

5.8CVSS0.00468EPSS
Exploits1References5
Rows per page
Query Builder