361 matches found
EUVD-2025-26699
Malicious code in bioql PyPI...
EUVD-2025-26697
Malicious code in bioql PyPI...
EUVD-2025-26719
Malicious code in bioql PyPI...
EUVD-2025-26717
Malicious code in bioql PyPI...
EUVD-2025-26714
Malicious code in bioql PyPI...
EUVD-2025-26707
Malicious code in bioql PyPI...
appRain CMF cross-site scripting vulnerability (CNVD-2025-21124)
appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF due to improper validation of user input by the /apprain/developer/addons/update/tablesorter endpoint. An attacker could use this vulnerability to steal the victim's cookie-based authenticati...
appRain CMF path traversal vulnerability
appRain CMF is a content management framework. A path traversal vulnerability exists in appRain CMF, which stems from the incorrect handling of base64 path parameters, and can be exploited by an attacker to download an arbitrary file on the system via a constructed URL request...
appRain CMF SQL Injection Vulnerability (CNVD-2025-21132)
appRain CMF is a content management framework. appRain CMF suffers from an SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the data%5BPage%5D%5Bname%5D parameter of /apprain/page/manage-dynamic-pages/create. An attacker could use this...
appRain CMF cross-site scripting vulnerability (CNVD-2025-21131)
appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF, which is caused by improper validation of user input in the /apprain/information/manage/emailtemplate/add endpoint. An attacker could use this vulnerability to steal the victim's cookie-base...
appRain CMF cross-site scripting vulnerability (CNVD-2025-21130)
appRain CMF is a content management framework from appRain Canada. appRain CMF suffers from a cross-site scripting vulnerability that is caused by improper validation of user input in the /apprain/developer/language/lipsum.xml endpoint. An attacker could use this vulnerability to steal the victim...
appRain CMF cross-site scripting vulnerability (CNVD-2025-21129)
appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF due to improper validation of user input in the /apprain/developer/language/default.xml endpoint. An attacker could use this vulnerability to steal the victim's cookie-based authentication...
appRain CMF cross-site scripting vulnerability (CNVD-2025-21127)
appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF, which stems from the lack of effective filtering and escaping of user-supplied data in the /apprain/developer/addons parameter page, which can be exploited by an attacker to steal a victim's...
appRain CMF cross-site scripting vulnerability (CNVD-2025-21121)
appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF due to improper validation of user input on the /apprain/developer/addons/update/hysontable endpoint. An attacker could use this vulnerability to steal the victim's cookie-based authenticatio...
appRain CMF cross-site scripting vulnerability (CNVD-2025-21120)
appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF due to improper validation of user input in the /apprain/developer/addons/update/dialogs endpoint. An attacker could use this vulnerability to steal the victim's cookie-based authentication...
appRain CMF cross-site scripting vulnerability (CNVD-2025-21119)
appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF due to improper validation of user input in the /apprain/developer/addons/update/cycle endpoint. An attacker could use this vulnerability to steal a victim's cookie-based authentication...
appRain CMF cross-site scripting vulnerability (CNVD-2025-21118)
appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF due to improper validation of user input on the /apprain/developer/addons/update/commonresource endpoint. An attacker could use this vulnerability to steal the victim's cookie-based...
appRain CMF cross-site scripting vulnerability (CNVD-2025-21117)
appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF due to improper validation of user input in the /apprain/developer/addons/update/canvasjs endpoint. An attacker could use this vulnerability to steal the victim's cookie-based authentication...
appRain CMF cross-site scripting vulnerability (CNVD-2025-21114)
appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF, which is caused by improper validation of user input in the /apprain/developer/addons/update/appform endpoint. An attacker could use this vulnerability to steal the victim's cookie-based...
appRain CMF cross-site scripting vulnerability (CNVD-2025-21113)
appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF due to improper validation of user input on the /apprain/developer/addons/update/admin endpoint. An attacker could use this vulnerability to steal the victim's cookie-based authentication...