Lucene search
K

164 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2015-2148

Malware in sbrugna...

6.5CVSS6.4AI score0.01806EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-4057

Malware in sbrugna...

8.1CVSS7.6AI score0.01749EPSS
Exploits0References14
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-8453

Malware in sbrugna...

9CVSS7.3AI score0.01374EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2008-6128

Malware in sbrugna...

10CVSS6.4AI score0.02912EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-27399

Malware in sbrugna...

8.8CVSS7.9AI score0.00981EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-24136

Malicious code in bioql PyPI...

9.8CVSS7.5AI score0.00543EPSS
Exploits1References6
Github Security Blog
Github Security Blog
added 2025/09/09 9:31 a.m.12 views

TYPO3 Bookmark Toolbar vulnerable to denial of service

An uncaught exception in the Bookmark Toolbar of TYPO3 CMS versions 11.0.0–11.5.47, 12.0.0–12.4.36, and 13.0.0–13.4.17 lets administrator‑level backend users trigger a denial‑of‑service condition in the backend user interface by saving manipulated data in the bookmark toolbar...

5.1CVSS6.9AI score0.0027EPSS
Exploits0References4Affected Software1
Snyk
Snyk
added 2025/08/22 4:49 p.m.1 views

External Control of File Name or Path

Overview Affected versions of this package are vulnerable to External Control of File Name or Path via the /api/app/compose/get-from-uri endpoint, which uses the GetFromUri function. A user can access arbitrary files on the server by passing arbitrary paths as the uri parameter. This is only...

6.8CVSS6.7AI score0.00434EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/08/13 9:25 a.m.7 views

CVE-2025-8838

A vulnerability has been found in WinterChenS my-site up to 1f7525f15934d9d6a278de967f6ec9f1757738d8. This vulnerability affects the function preHandle of the file /admin/ of the component Backend Interface. The manipulation of the argument uri leads to improper authentication. The attack can be...

9.8CVSS7.4AI score0.00543EPSS
Exploits1References1
OSV
OSV
added 2025/08/11 9:15 a.m.7 views

CVE-2025-8838

A vulnerability has been found in WinterChenS my-site up to 1f7525f15934d9d6a278de967f6ec9f1757738d8. This vulnerability affects the function preHandle of the file /admin/ of the component Backend Interface. The manipulation of the argument uri leads to improper authentication. The attack can be...

9.8CVSS5.3AI score0.00543EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/08/11 12:0 a.m.4 views

PT-2025-32531 · Winterchens · My-Site

Name of the Vulnerable Software and Affected Versions: WinterChenS my-site affected versions not specified Description: A vulnerability exists in the preHandle function of the /admin/ file within the Backend Interface component. Manipulation of the uri argument results in improper authentication...

7.5CVSS7.1AI score0.00543EPSS
Exploits1References12
OSV
OSV
added 2025/07/13 1:15 a.m.4 views

CVE-2025-7510

A vulnerability has been found in code-projects Modern Bag 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/productaddback.php. The manipulation of the argument namepro leads to sql injection. The attack can be initiated remotely. The exploit has been...

9.8CVSS5.8AI score0.00394EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/05/23 9:23 a.m.3 views

CVE-2024-3431

A vulnerability was found in EyouCMS 1.6.5. It has been declared as critical. This vulnerability affects unknown code of the file /login.php?m=admin=Field=channeledit of the component Backend. The manipulation of the argument channelid leads to deserialization. The attack can be initiated remotel...

8.8CVSS7.2AI score0.00717EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:22 p.m.7 views

CVE-2020-25445

The “Subscribe” feature in Ultimate Booking System Booking Core 1.7.0 is vulnerable to CSV formula injection. The input containing the excel formula is not being sanitized by the application. As a result when admin in backend download and open the csv, content of the cells are executed...

7.8CVSS7.2AI score0.00898EPSS
Exploits0
Snyk
Snyk
added 2025/05/20 2:43 p.m.3 views

Server-side Request Forgery (SSRF)

Overview typo3/cms-webhooks is a Handle outgoing Webhooks for TYPO3 Affected versions of this package are vulnerable to Server-side Request Forgery SSRF. An attacker can manipulate internal resources by sending crafted requests from a compromised or malicious external site. This is only exploitab...

4.4CVSS6.9AI score0.00229EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/05/09 12:0 a.m.6 views

PT-2025-20601 · Unknown · Jadmin-Java

Name of the Vulnerable Software and Affected Versions: JAdmin-JAVA JAdmin version 1.0 Description: A critical vulnerability was found in the function toLogin of the file NoNeedLoginController.java of the component Admin Backend. The manipulation leads to improper authentication. It is possible to...

7.5CVSS7.1AI score0.00605EPSS
Exploits1References11
CNNVD
CNNVD
added 2025/05/09 12:0 a.m.5 views

JAdmin 授权问题漏洞

JAdmin is JAdmin-JAVA open source a Java language based rapid development platform. JAdmin 1.0 version of the authorization problem vulnerability, the vulnerability stems from the file NoNeedLoginController.java in the Admin Backend component of the toLogin function has improper authentication...

9.8CVSS7.5AI score0.00605EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/02/05 2:42 p.m.7 views

CVE-2020-6249

The use of an admin backend report within SAP Master Data Governance, versions - S4CORE 101, S4FND 102, 103, 104, SAPBSFND 748; allows an attacker to execute crafted database queries, exposing the backend database, leading to SQL Injection...

8.8CVSS7.5AI score0.00981EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/10/08 12:0 a.m.8 views

PT-2024-25956

Name of the Vulnerable Software and Affected Versions TYPO3 versions prior to 10.4.46 ELTS TYPO3 versions prior to 11.5.40 LTS TYPO3 versions prior to 12.4.21 LTS TYPO3 versions prior to 13.3.1 Description The issue allows for denial of service, causing an interface error in the Bookmark Toolbar,...

4.9CVSS5.4AI score0.00684EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2024/09/27 12:0 a.m.4 views

PT-2024-39536 · Unknown · Huankemao Scrm

Name of the Vulnerable Software and Affected Versions: HuankeMao SCRM versions up to 0.0.3 Description: A critical issue has been found in the Administrator Backend component, specifically in the function upload domain verification file of the file WxkConfig.php. The manipulation of the argument...

5.8CVSS7AI score0.00465EPSS
Exploits0References7
Rows per page
Query Builder