44 matches found
EUVD-2022-29460
Malicious code in bioql PyPI...
EUVD-2022-29146
Malicious code in bioql PyPI...
EUVD-2022-29145
Malicious code in bioql PyPI...
EUVD-2022-29148
Malicious code in bioql PyPI...
EUVD-2022-29147
Malicious code in bioql PyPI...
CVE-2022-24238
ACEweb Online Portal 3.5.065 was discovered to contain a cross-site scripting XSS vulnerability via the txtNmName1 parameter in person.awp...
CVE-2022-24581
ACEweb Online Portal 3.5.065 allows unauthenticated SMB hash capture via UNC. By specifying the UNC file path of an external SMB share when uploading a file, an attacker can induce the victim server to disclose the username and password hash of the user executing the ACEweb Online software...
CVE-2022-24240
ACEweb Online Portal 3.5.065 was discovered to contain a SQL injection vulnerability via the criteria parameter in showschedule.awp...
CVE-2022-24241
ACEweb Online Portal 3.5.065 was discovered to contain an External Controlled File Path and Name vulnerability via the txtFilePath parameter in attachments.awp...
CVE-2022-24239
ACEweb Online Portal 3.5.065 was discovered to contain an unrestricted file upload vulnerability via attachments.awp...
ACEware Systems ACEweb Online Portal Cross-Site Scripting Vulnerability
ACEware Systems ACEweb Online Portal is a component of the Student Manager solution from ACEware Systems, Inc. A cross-site scripting vulnerability exists in ACEware Systems ACEweb Online Portal version 3.5.065, which originates in person. The txtNmName1 parameter in awp lacks a validation filter...
ACEware Systems ACEweb Online Portal SQL Injection Vulnerability
ACEware Systems ACEweb Online Portal is a component of the Student Manager solution from ACEware Systems, Inc. A SQL injection vulnerability exists in ACEware Systems ACEweb Online Portal version 3.5.065, which stems from The conditional parameter in showchedule.awp lacks validation for external...
CVE-2022-24581
ACEweb Online Portal 3.5.065 allows unauthenticated SMB hash capture via UNC. By specifying the UNC file path of an external SMB share when uploading a file, an attacker can induce the victim server to disclose the username and password hash of the user executing the ACEweb Online software...
CVE-2022-24581
ACEweb Online Portal 3.5.065 allows unauthenticated SMB hash capture via UNC. By specifying the UNC file path of an external SMB share when uploading a file, an attacker can induce the victim server to disclose the username and password hash of the user executing the ACEweb Online software...
CVE-2022-24238
ACEweb Online Portal 3.5.065 was discovered to contain a cross-site scripting XSS vulnerability via the txtNmName1 parameter in person.awp...
CVE-2022-24241
ACEweb Online Portal 3.5.065 was discovered to contain an External Controlled File Path and Name vulnerability via the txtFilePath parameter in attachments.awp...
CVE-2022-24239
ACEweb Online Portal 3.5.065 was discovered to contain an unrestricted file upload vulnerability via attachments.awp...
CVE-2022-24240
ACEweb Online Portal 3.5.065 was discovered to contain a SQL injection vulnerability via the criteria parameter in showschedule.awp...
CVE-2022-24238
ACEweb Online Portal 3.5.065 was discovered to contain a cross-site scripting XSS vulnerability via the txtNmName1 parameter in person.awp...
CVE-2022-24239
ACEweb Online Portal 3.5.065 was discovered to contain an unrestricted file upload vulnerability via attachments.awp...