EUVD-2024-41115

Malicious code in bioql PyPI...

EUVD-2021-33134

Malicious code in bioql PyPI...

EUVD-2022-32506

Malicious code in bioql PyPI...

CVE-2025-51651

An authenticated arbitrary file download vulnerability in the component /admin/Backups.php of Mccms v2.7.0 allows attackers to download arbitrary files via a crafted GET request...

CVE-2024-40544

PublicCMS v4.0.202302.e was discovered to contain a Server-Side Request Forgery SSRF via the component /admin/maintenancesysTask/edit...

CVE-2024-40547

PublicCMS v4.0.202302.e was discovered to contain an arbitrary file content replacement vulnerability via the component /admin/cmsTemplate/replace...

CVE-2024-39156

idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/keyWorddeal.php?mudi=add...

CVE-2024-55104

Online Nurse Hiring System v1.0 was discovered to contain multiple SQL injection vulnerabilities in the component /admin/add-nurse.php via the gender and emailid parameters...

CVE-2023-46987

SeaCMS v12.9 was discovered to contain a remote code execution RCE vulnerability via the component /augap/adminip.php...

CVE-2023-41618

Emlog Pro v2.1.14 was discovered to contain a reflective cross-site scripting XSS vulnerability via the component /admin/article.php?activesavedraft...

CVE-2023-45907

Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/variable/delete...

CVE-2021-2247

Vulnerability in the Oracle Advanced Collections product of Oracle E-Business Suite component: Admin. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Advanc...

CVE-2020-20946

Qibosoft v7 contains a stored cross-site scripting XSS vulnerability in the component /admin/index.php?lfj=friendlink=add...

CVE-2020-17564

Path Traversal in FeiFeiCMS v4.0 allows remote attackers to delete arbitrary files by sending a crafted HTTP request to the " Admin/DataAction.class.php" component...

PT-2025-20909 · Rebuild · Rebuild

Name of the Vulnerable Software and Affected Versions: rebuild versions 3.9.0 through 3.9.3 Description: The issue is related to a SQL injection vulnerability in the /admin/admin-cli/exec component. Recommendations: For versions 3.9.0 through 3.9.3, consider disabling access to the...

CVE-2025-28056

CVE-2025-28056 affects Rebuild v3.9.0–v3.9.3, with a SQL injection in the /admin/admin-cli/exec component. The primary sources consistently describe the issue and affected versions, but do not provide concrete remediation steps or a confirmed exploit status within the supplied documents. No vendo...

PT-2025-19806 · Seacms · Seacms

Name of the Vulnerable Software and Affected Versions: SeaCMS version 13.3 Description: A SQL injection issue was discovered in the admin topic.php component. Recommendations: For SeaCMS version 13.3, update to a version that fixes the SQL injection vulnerability in the admin topic.php component...

CVE-2025-29647

SeaCMS v13.3 has a SQL injection vulnerability in the component admintempvideo.php...

CVE-2025-25794

SeaCMS v13.3 was discovered to contain a remote code execution RCE vulnerability via the component adminping.php...

CVE-2025-25797

CVE-2025-25797 : SeaCMS v13.3 contains a remote code execution (RCE) vulnerability exploitable through the admin_smtp.php component. Multiple connected sources corroborate an RCE in SeaCMS v13.3, but the provided documents do not detail affected versions beyond v13.3, nor do they specify patches,...