6 matches found
EUVD-2024-27543
Malicious code in bioql PyPI...
EUVD-2024-27534
Malicious code in bioql PyPI...
CVE-2024-2584
Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/book/main/selectsend.php, in the 'sdindex' parameter. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB...
CVE-2024-2599 Unrestricted Upload of File with Dangerous Type vulnerability in AMSS++
File upload restriction evasion vulnerability in AMSS++ version 4.31. This vulnerability could allow an authenticated user to potentially obtain RCE through webshell, compromising the entire infrastructure...
CVE-2024-2586 SQL injection vulnerability in AMSS++
Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/index.php, in the 'username' parameter. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB...
AMSS++ Code Issue Vulnerability
AMSS++ is a tool for office management support systems from Amssplus. A code issue vulnerability exists in AMSS++ version 4.31 that stems from the ability to bypass file upload restrictions...