CVE-2025-12297

A vulnerability was detected in atjiu pybbs up to 6.0.0. This affects an unknown function of the file UserApiController.java. The manipulation results in information disclosure. The attack may be launched remotely. The exploit is now public and may be used...

CVE-2025-12297

A vulnerability was detected in atjiu pybbs up to 6.0.0. This affects an unknown function of the file UserApiController.java. The manipulation results in information disclosure. The attack may be launched remotely. The exploit is now public and may be used...

CVE-2025-12297 atjiu pybbs UserApiController.java information disclosure

A vulnerability was detected in atjiu pybbs up to 6.0.0. This affects an unknown function of the file UserApiController.java. The manipulation results in information disclosure. The attack may be launched remotely. The exploit is now public and may be used...

CVE-2025-12297

CVE-2025-12297 affects atjiu pybbs up to v6.0.0, involving an unknown function in UserApiController.java. The manipulation causes information disclosure and can be exploited remotely; the exploit is publicly available (PoC in some sources). Multiple connected sources corroborate the surface and i...

CVE-2025-12297 atjiu pybbs UserApiController.java information disclosure

A vulnerability was detected in atjiu pybbs up to 6.0.0. This affects an unknown function of the file UserApiController.java. The manipulation results in information disclosure. The attack may be launched remotely. The exploit is now public and may be used...

pybbs 访问控制错误漏洞

pybbs is a community platform for Java development by iuiu individual developers. An access control error vulnerability exists in pybbs version 6.0.0 and earlier, which stems from the misuse of an unknown function in the file UserApiController.java, which could lead to information disclosure...

EUVD-2020-0396

Malware in sbrugna...

EUVD-2021-28170

Malicious code in bioql PyPI...

EUVD-2021-30024

Malicious code in bioql PyPI...

EUVD-2022-43067

Malicious code in bioql PyPI...

EUVD-2022-51899

Malicious code in bioql PyPI...

CVE-2025-10232 299ko FileManagerAPIController.php delete path traversal

A weakness has been identified in 299ko up to 2.0.0. Affected by this issue is the function getSentDir/delete of the file plugin/filemanager/controllers/FileManagerAPIController.php. Executing manipulation can lead to path traversal. It is possible to launch the attack remotely. The exploit has...

CVE-2025-10232 299ko FileManagerAPIController.php delete path traversal

A weakness has been identified in 299ko up to 2.0.0. Affected by this issue is the function getSentDir/delete of the file plugin/filemanager/controllers/FileManagerAPIController.php. Executing manipulation can lead to path traversal. It is possible to launch the attack remotely. The exploit has...

pybbs 安全漏洞

pybbs is a community platform for Java development by iuiu individual developers. A security vulnerability exists in pybbs 6.0.0 and earlier versions, which originates from an error message in the file src/main/java/co/yiiu/pybbs/controller/api/SettingsApiController.java in the function...

CVE-2022-4564

A vulnerability classified as problematic has been found in University of Central Florida Materia up to 9.0.0. This affects the function before of the file fuel/app/classes/controller/api.php of the component API Controller. The manipulation leads to cross-site request forgery. It is possible to...

Improper Encoding or Escaping of Output

Overview Affected versions of this package are vulnerable to Improper Encoding or Escaping of Output through the addCustomCSSPreset method in the ApiController.php file. An attacker can execute arbitrary code on the server by modifying the file extension to .php and injecting PHP code into the fi...

CVE-2025-28367

mojoPortal =2.9.0.1 is vulnerable to Directory Traversal via BetterImageGallery API Controller - ImageHandler Action. An attacker can exploit this vulnerability to access the Web.Config file and obtain the MachineKey...

mojoPortal 安全漏洞

mojoPortal is an open source, object-oriented web site architecture WSF and content management system CMS by Joe Audette, an individual developer in the United States. The system provides event calendars, photo albums, file managers, and more. A security vulnerability exists in mojoPortal version...

CVE-2025-2835

A vulnerability was found in zhangyd-c OneBlog up to 2.3.9. It has been declared as problematic. Affected by this vulnerability is the function autoLink of the file com/zyd/blog/controller/RestApiController.java. The manipulation leads to server-side request forgery. The attack can be launched...

CISCO-SA-20190501-APIC

creationtimestamp| type| source ---|---|--- 2024-12-17 06:40:58+00:00| seen| https://social.circl.lu/users/vulnerabilitylookup/statuses/113666792863457134...