69 matches found
EUVD-2020-13455
Malware in sbrugna...
CVE-2025-11272
A vulnerability has been found in SeriaWei ZKEACMS up to 4.3. This affects the function Delete of the file src/ZKEACMS.Redirection/Controllers/UrlRedirectionController.cs of the component POST Request Handler. The manipulation leads to improper authorization. Remote exploitation of the attack is...
EUVD-2025-32435
A vulnerability has been found in SeriaWei ZKEACMS up to 4.3. This affects the function Delete of the file src/ZKEACMS.Redirection/Controllers/UrlRedirectionController.cs of the component POST Request Handler. The manipulation leads to improper authorization. Remote exploitation of the attack is...
CVE-2025-11272
A vulnerability has been found in SeriaWei ZKEACMS up to 4.3. This affects the function Delete of the file src/ZKEACMS.Redirection/Controllers/UrlRedirectionController.cs of the component POST Request Handler. The manipulation leads to improper authorization. Remote exploitation of the attack is...
CVE-2025-11272 SeriaWei ZKEACMS POST Request UrlRedirectionController.cs Delete improper authorization
A vulnerability has been found in SeriaWei ZKEACMS up to 4.3. This affects the function Delete of the file src/ZKEACMS.Redirection/Controllers/UrlRedirectionController.cs of the component POST Request Handler. The manipulation leads to improper authorization. Remote exploitation of the attack is...
CVE-2025-11272
CVE-2025-11272 affects SeriaWei ZKEACMS up to version 4.3. The issue resides in the Delete function of src/ZKEACMS.Redirection/Controllers/UrlRedirectionController.cs (POST Request Handler) and results in improper authorization with remote exploitation possible. Public exploit details have been d...
CVE-2025-11272 SeriaWei ZKEACMS POST Request UrlRedirectionController.cs Delete improper authorization
A vulnerability has been found in SeriaWei ZKEACMS up to 4.3. This affects the function Delete of the file src/ZKEACMS.Redirection/Controllers/UrlRedirectionController.cs of the component POST Request Handler. The manipulation leads to improper authorization. Remote exploitation of the attack is...
PT-2025-40780
Name of the Vulnerable Software and Affected Versions SeriaWei ZKEACMS versions up to 4.3 Description A flaw exists in the Delete function within the src/ZKEACMS.Redirection/Controllers/UrlRedirectionController.cs file of the POST Request Handler component. This issue results in improper...
ZKEACMS 授权问题漏洞
ZKEACMS is a visually designed, WYSIWYG content management system from ZKEASOFT open source. An authorization issue vulnerability exists in ZKEACMS 4.3 and earlier versions, which stems from improper authorization of the Delete function in the file...
EUVD-2025-29219
Malicious code in bioql PyPI...
EUVD-2025-23546
Malicious code in bioql PyPI...
EUVD-2022-4123
Malicious code in bioql PyPI...
EUVD-2025-30374
Malicious code in bioql PyPI...
CVE-2025-10766
A weakness has been identified in SeriaWei ZKEACMS up to 4.3. This issue affects the function Download of the file EventViewerController.cs. Executing manipulation of the argument ID can lead to path traversal. It is possible to launch the attack remotely. The exploit has been made available to t...
CVE-2025-10764
A vulnerability was identified in SeriaWei ZKEACMS up to 4.3. This affects the function Edit of the file src/ZKEACMS.EventAction/Controllers/PendingTaskController.cs of the component Event Action System. Such manipulation of the argument Data leads to server-side request forgery. The attack may b...
CVE-2025-10765
A security flaw has been discovered in SeriaWei ZKEACMS up to 4.3. This vulnerability affects the function CheckPage/Suggestions in the library cms-v4.3\wwwroot\Plugins\ZKEACMS.SEOSuggestions\ZKEACMS.SEOSuggestions.dll of the component SEOSuggestions. Performing manipulation results in server-sid...
CVE-2025-10766
A weakness has been identified in SeriaWei ZKEACMS up to 4.3. This issue affects the function Download of the file EventViewerController.cs. Executing manipulation of the argument ID can lead to path traversal. It is possible to launch the attack remotely. The exploit has been made available to t...
CVE-2025-10765
A security flaw has been discovered in SeriaWei ZKEACMS up to 4.3. This vulnerability affects the function CheckPage/Suggestions in the library cms-v4.3\wwwroot\Plugins\ZKEACMS.SEOSuggestions\ZKEACMS.SEOSuggestions.dll of the component SEOSuggestions. Performing manipulation results in server-sid...
CVE-2025-10765
A security flaw has been discovered in SeriaWei ZKEACMS up to 4.3. This vulnerability affects the function CheckPage/Suggestions in the library cms-v4.3\wwwroot\Plugins\ZKEACMS.SEOSuggestions\ZKEACMS.SEOSuggestions.dll of the component SEOSuggestions. Performing manipulation results in server-sid...
CVE-2025-10766 SeriaWei ZKEACMS EventViewerController.cs Download path traversal
A weakness has been identified in SeriaWei ZKEACMS up to 4.3. This issue affects the function Download of the file EventViewerController.cs. Executing manipulation of the argument ID can lead to path traversal. It is possible to launch the attack remotely. The exploit has been made available to t...