18 matches found
EUVD-2024-48169
Malicious code in bioql PyPI...
CVE-2025-7917
WinMatrix3 Web package developed by Simopro Technology has an Arbitrary File Upload vulnerability, allowing remote attackers with administrator privileges to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...
CVE-2025-7920 Simopro Technology|WinMatrix3 Web package - Reflected Cross-Site Scripting
WinMatrix3 Web package developed by Simopro Technology has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks...
CVE-2025-7920
CVE-2025-7920 describes a reflected Cross-site Scripting vulnerability in the WinMatrix3 Web package from Simopro Technology. The issue arises from lack of proper filtering/escaping of user-supplied data, enabling unauthenticated attackers to induce a user to execute arbitrary JavaScript in the b...
CVE-2025-7920 Simopro Technology|WinMatrix3 Web package - Reflected Cross-Site Scripting
WinMatrix3 Web package developed by Simopro Technology has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks...
CVE-2025-7919 Simopro Technology|WinMatrix3 Web package - SQL Injection
WinMatrix3 Web package developed by Simopro Technology has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents...
CVE-2025-7919 Simopro Technology|WinMatrix3 Web package - SQL Injection
WinMatrix3 Web package developed by Simopro Technology has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents...
CVE-2025-7918 Simopro Technology|WinMatrix3 Web package - SQL Injection
WinMatrix3 Web package developed by Simopro Technology has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents...
CVE-2025-7917 Simopro Technology|WinMatrix3 Web package - Arbitrary File Upload
WinMatrix3 Web package developed by Simopro Technology has an Arbitrary File Upload vulnerability, allowing remote attackers with administrator privileges to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...
PT-2025-30230 · Simopro Technology · Winmatrix3 Web
Name of the Vulnerable Software and Affected Versions: WinMatrix3 Web package versions affected versions not specified Description: The WinMatrix3 Web package developed by Simopro Technology contains an arbitrary file upload issue. This allows remote attackers with administrator privileges to...
PT-2025-30235 · Simopro Technology · Winmatrix3 Web
Name of the Vulnerable Software and Affected Versions: WinMatrix3 Web package versions affected versions not specified Description: WinMatrix3 Web package developed by Simopro Technology contains a SQL Injection flaw. This allows unauthenticated remote attackers to inject arbitrary SQL commands,...
PT-2025-30240 · Simopro Technology · Winmatrix3 Web
Name of the Vulnerable Software and Affected Versions: WinMatrix3 Web package versions affected versions not specified Description: The WinMatrix3 Web package developed by Simopro Technology contains a Reflected Cross-site Scripting issue. This allows unauthenticated remote attackers to execute...
PT-2025-30231
Name of the Vulnerable Software and Affected Versions WinMatrix3 Web package versions affected versions not specified Description WinMatrix3 Web package developed by Simopro Technology contains a SQL Injection vulnerability. This allows unauthenticated remote attackers to inject arbitrary SQL...
CVE-2024-7202
The query functionality of WinMatrix3 Web package from Simopro Technology lacks proper validation of user input, allowing unauthenticated remote attackers to inject SQL commands to read, modify, and delete database contents...
CVE-2024-7202
The query functionality of WinMatrix3 Web package from Simopro Technology lacks proper validation of user input, allowing unauthenticated remote attackers to inject SQL commands to read, modify, and delete database contents...
CVE-2024-7201
The login functionality of WinMatrix3 Web package from Simopro Technology lacks proper validation of user input, allowing unauthenticated remote attackers to inject SQL commands to read, modify, and delete database contents...
CVE-2024-7201 Simopro Technology WinMatrix3 Web package - SQL Injection
The login functionality of WinMatrix3 Web package from Simopro Technology lacks proper validation of user input, allowing unauthenticated remote attackers to inject SQL commands to read, modify, and delete database contents...
PT-2024-38164 · Simopro Technology · Winmatrix3 Web Package
Name of the Vulnerable Software and Affected Versions: WinMatrix3 Web package from Simopro Technology affected versions not specified Description: The query functionality lacks proper validation of user input, allowing unauthenticated remote attackers to inject SQL commands to read, modify, and...