524 matches found
EUVD-2018-12866
Malware in sbrugna...
EUVD-2002-1135
Malware in sbrugna...
EUVD-2007-4460
Malware in sbrugna...
EUVD-2008-6670
Malware in sbrugna...
EUVD-2009-0065
Malware in sbrugna...
CVE-2025-11288
The CRMEB CVE-2025-11288 issue affects CRMEB versions up to 5.6 (and is described as affecting versions prior to 5.7 by PT-Security) in GET Parameter Handler for /adminapi/product/product. Manipulation of the cate_id argument enables SQL injection with remote exploitation possible and an exploit ...
EUVD-2024-39025
Malicious code in bioql PyPI...
EUVD-2025-6558
Malicious code in bioql PyPI...
EUVD-2022-37695
Malicious code in bioql PyPI...
EUVD-2023-3271
Malicious code in bioql PyPI...
EUVD-2025-25310
Malicious code in bioql PyPI...
EUVD-2023-46399
Malicious code in bioql PyPI...
Cisco Unified Communications Manager 跨站脚本漏洞
Cisco Unified Communications Manager is a call-processing component of a unified communications system from Cisco USA. The component provides a scalable, distributed, and highly available enterprise IP telephony call processing solution. A cross-site scripting vulnerability exists in Cisco Unifie...
CVE-2025-58384
In DOXENSE WATCHDOC before 6.1.1.5332, Deserialization of Untrusted Data can lead to remote code execution through the .NET Remoting library in the Watchdoc administration interface...
CVE-2025-54376
Hoverfly is an open source API simulation tool. In versions 1.11.3 and prior, Hoverfly’s admin WebSocket endpoint /api/v2/ws/logs is not protected by the same authentication middleware that guards the REST admin API. Consequently, an unauthenticated remote attacker can stream real-time applicatio...
Sports Management System facilitator.php File SQL Injection Vulnerability
Sports Management System a sports management system. The Sports Management System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the parameter code in the file /Admin/facilitator.php. An attacker can exploit this vulnerabili...
CVE-2023-47799
Mahara before 22.10.4 and 23.x before 23.04.4 allows information disclosure if the experimental HTML bulk export is used via the administration interface or via the CLI, and the resulting export files are given to the account holders. They may contain images of other account holders because the...
CVE-2025-50986
diskover-web v2.3.0 Community Edition suffers from multiple stored cross-site scripting XSS vulnerabilities in its administrative settings interface. Various configuration fields such as ESHOST, ESINDEXREFRESH, ESPORT, ESSCROLLSIZE, ESTRANSLOGSIZE, ESTRANSLOGSYNCINT, EXCLUDESFILES, FILETYPES,...
CVE-2023-47799
Mahara before 22.10.4 and 23.x before 23.04.4 allows information disclosure if the experimental HTML bulk export is used via the administration interface or via the CLI, and the resulting export files are given to the account holders. They may contain images of other account holders because the...
CVE-2023-47799
Mahara is affected by an information-disclosure vulnerability in the HTML bulk export feature, where exported files may leak images from other accounts because the per-account cache is not cleared. Affected: Mahara < 22.10.4 and Mahara 23.x