28 matches found
EUVD-2011-1013
Malware in sbrugna...
EUVD-2023-0413
Malicious code in bioql PyPI...
CVE-2011-10003
A vulnerability was found in XpressEngine up to 1.4.4. It has been rated as critical. This issue affects some unknown processing of the component Update Query Handler. The manipulation leads to sql injection. Upgrading to version 1.4.5 is able to address this issue. The patch is named...
CVE-2021-26642
When uploading an image file to a bulletin board developed with XpressEngine, a vulnerability in which an arbitrary file can be uploaded due to insufficient verification of the file. A remote attacker can use this vulnerability to execute arbitrary code on the server where the bulletin board is...
CVE-2011-10003
A vulnerability was found in XpressEngine up to 1.4.4. It has been rated as critical. This issue affects some unknown processing of the component Update Query Handler. The manipulation leads to sql injection. Upgrading to version 1.4.5 is able to address this issue. The patch is named...
Sql injection
A vulnerability was found in XpressEngine up to 1.4.4. It has been rated as critical. This issue affects some unknown processing of the component Update Query Handler. The manipulation leads to sql injection. Upgrading to version 1.4.5 is able to address this issue. The patch is named...
CVE-2011-10003 XpressEngine Update Query sql injection
A vulnerability was found in XpressEngine up to 1.4.4. It has been rated as critical. This issue affects some unknown processing of the component Update Query Handler. The manipulation leads to sql injection. Upgrading to version 1.4.5 is able to address this issue. The patch is named...
CVE-2011-10003
CVE-2011-10003 affects XpressEngine up to version 1.4.4. The issue arises from an unknown processing flaw in the Update Query Handler that enables a SQL injection. The vulnerability is fixed by upgrading to version 1.4.5, with the patch identified as c6e94449f21256d6362450b29c7847305e756ad5. Seve...
CVE-2011-10003 XpressEngine Update Query sql injection
A vulnerability was found in XpressEngine up to 1.4.4. It has been rated as critical. This issue affects some unknown processing of the component Update Query Handler. The manipulation leads to sql injection. Upgrading to version 1.4.5 is able to address this issue. The patch is named...
PT-2023-9915 · Unknown · Xpressengine
Name of the Vulnerable Software and Affected Versions: XpressEngine versions up to 1.4.4 Description: A critical issue affects the Update Query Handler component, leading to sql injection. The estimated number of potentially affected devices worldwide is not available. There is no information abo...
XpressEngine SQL注入漏洞
XpressEngine is a CMS Content Management System that allows anyone to publish content easily, conveniently and freely. A SQL injection vulnerability exists in XpressEngine versions prior to 1.4.5, which stems from a problem with certain unknown processing in the component Update Query Handler, an...
GHSA-8R5J-22J5-W4CM XpressEngine vulnerable to Unrestricted Upload of File with Dangerous Type
When uploading an image file to a bulletin board developed with XpressEngine, a vulnerability in which an arbitrary file can be uploaded due to insufficient verification of the file. A remote attacker can use this vulnerability to execute arbitrary code on the server where the bulletin board is...
XpressEngine vulnerable to Unrestricted Upload of File with Dangerous Type
When uploading an image file to a bulletin board developed with XpressEngine, a vulnerability in which an arbitrary file can be uploaded due to insufficient verification of the file. A remote attacker can use this vulnerability to execute arbitrary code on the server where the bulletin board is...
CVE-2021-26642
When uploading an image file to a bulletin board developed with XpressEngine, a vulnerability in which an arbitrary file can be uploaded due to insufficient verification of the file. A remote attacker can use this vulnerability to execute arbitrary code on the server where the bulletin board is...
CVE-2021-26642
When uploading an image file to a bulletin board developed with XpressEngine, a vulnerability in which an arbitrary file can be uploaded due to insufficient verification of the file. A remote attacker can use this vulnerability to execute arbitrary code on the server where the bulletin board is...
Design/Logic Flaw
When uploading an image file to a bulletin board developed with XpressEngine, a vulnerability in which an arbitrary file can be uploaded due to insufficient verification of the file. A remote attacker can use this vulnerability to execute arbitrary code on the server where the bulletin board is...
CVE-2021-26642 XpressEngine file upload vulnerability
When uploading an image file to a bulletin board developed with XpressEngine, a vulnerability in which an arbitrary file can be uploaded due to insufficient verification of the file. A remote attacker can use this vulnerability to execute arbitrary code on the server where the bulletin board is...
XpressEngine 代码问题漏洞
XpressEngine is a CMS Content Management System that allows anyone to publish content easily, conveniently and freely. A security vulnerability exists in XpressEngine versions prior to 3.0.14, which stems from the presence of insufficient file checksums and an arbitrary file upload vulnerability...
CVE-2021-26642
CVE-2021-26642 affects XpressEngine bulletin boards. The root cause is insufficient verification of uploaded image files, allowing an arbitrary file to be uploaded. The vulnerability can enable remote code execution on the server hosting the bulletin board. Public references describe affected sof...
PT-2023-12103 · Unknown · Xpressengine
Name of the Vulnerable Software and Affected Versions: XpressEngine affected versions not specified Description: The issue arises from insufficient verification of uploaded files, allowing a remote attacker to upload arbitrary files and potentially execute arbitrary code on the server hosting the...