13 matches found
EUVD-2025-27155
Malicious code in bioql PyPI...
EUVD-2025-19209
Malicious code in bioql PyPI...
CVE-2025-55849
WeiPHP v5.0 and before is vulnerable to SQL Injection via the SucaiController.class.php file and the cancelTemplatee...
CVE-2025-55849
WeiPHP v5.0 and before is vulnerable to SQL Injection via the SucaiController.class.php file and the cancelTemplatee...
CVE-2025-34045
A path traversal vulnerability exists in WeiPHP 5.0, an open source WeChat public account platform development framework by Shenzhen Yuanmengyun Technology Co., Ltd. The flaw occurs in the picUrl parameter of the /public/index.php/material/Material/downloadimgage endpoint, where insufficient inpu...
CVE-2025-34045 WeiPHP Path Traversal Arbitrary File Read
A path traversal vulnerability exists in WeiPHP 5.0, an open source WeChat public account platform development framework by Shenzhen Yuanmengyun Technology Co., Ltd. The flaw occurs in the picUrl parameter of the /public/index.php/material/Material/downloadimgage endpoint, where insufficient inpu...
CVE-2025-34045
WeiPHP 5.0 contains a path traversal vulnerability due to insufficient validation of the picUrl parameter in /public/index.php/material/Material/_download_imgage. Unauthenticated remote attackers can read arbitrary files on the server, potentially exposing sensitive data such as configuration fil...
PT-2025-26994 · Weiphp · Weiphp
Name of the Vulnerable Software and Affected Versions: WeiPHP version 5.0 Description: A path traversal issue exists in the /public/index.php/material/Material/ download imgage endpoint, specifically in the picUrl parameter, where insufficient input validation allows unauthenticated remote...
Weiphp information leakage vulnerability
Weiphp is a WeChat development platform that supports the development of public numbers and small programs by China's Shenzhen Yuanmeng Yun Weiphp company. An information disclosure vulnerability exists in WeiPHP 5.0, which stems from a failure to properly restrict access to pages associated with...
Weiphp 信息泄露漏洞
Weiphp is a WeChat development platform that supports the development of public numbers and small programs by China's Shenzhen Yuanmeng Yun Weiphp company. An information disclosure vulnerability exists in WeiPHP 5.0, which stems from a failure to properly restrict access to pages associated with...
Shenzhen Yuanmeng Cloud Technology Co., Ltd. WeiPHP has file reading vulnerability
WeiPHP is an open source microsoft public platform development framework. Shenzhen Yuanmeng Yun Technology Co., Ltd WeiPHP has a file reading vulnerability, which can be exploited by attackers to obtain sensitive information...
File inclusion vulnerability in WeiPHP pl***.cl***.php file at Shenzhen Yuanmeng Cloud Technology Co.
WeiPHP is an open source WeChat public platform development framework, can easily build a personal WeChat public account operation platform. Shenzhen Yuanmeng Yun Technology Co., Ltd WeiPHP pl.cl.php file file contains a file inclusion vulnerability that can be exploited by an attacker to gain...
Command Execution Vulnerability in WeiPHP 4.0 Pl***.cl***.php Page
WeiPHP is an open source WeChat public platform development framework to build a personal WeChat public account operation platform. A command execution vulnerability exists in the WeiPHP 4.0 Pl.cl.php page, which can be exploited by an attacker to gain administrator privileges...