CVE-2026-11412

A weakness has been identified in Jinher OA C6. The affected element is an unknown function of the file /C6/JHSoft.Web.ModuleCount/GetFormSn.aspx. Executing a manipulation of the argument queryID can lead to sql injection. The attack may be performed from remote. The exploit has been made availab...

EUVD-2026-33974

Spacelabs Healthcare Sentinel versions 10.5.x and higher and 11.x.x before 11.6.0 contain an unauthenticated remote code execution vulnerability through a deprecated .NET Remoting HTTP channel exposed on port 8989 that allows attackers to perform arbitrary file read and write operations by...

CVE-2025-70995

An issue in Aranda Service Desk Web Edition ASDK API 8.6 allows authenticated attackers to achieve remote code execution due to improper validation of uploaded files. An authenticated user can upload a crafted web.config file by sending a crafted POST request to /ASDKAPI/api/v8.6/item/addfile,...

EUVD-2026-4776

An out-of-band SQL injection vulnerability OOB SQLi has been detected in the Performance Evaluation EDD application developed by Gabinete Técnico de Programación. Exploiting this vulnerability in the parameter 'Idusuario' and 'Idevaluacion’ in ‘/evaluacionhcaevalua.aspx’, could allow an attacker ...

CVE-2020-12470

MonoX through 5.1.40.5152 allows administrators to execute arbitrary code by modifying an ASPX template...

CVE-2025-61548

SQL Injection is present on the hfInventoryDistFormID parameter in the /PSP/appNET/Store/CartV12.aspx/GetUnitPrice endpoint in edu Business Solutions Print Shop Pro WebDesk version 18.34 fixed in 19.69. Unsanitized user input is incorporated directly into SQL queries without proper parameterizati...

edu Business Solutions Print Shop Pro WebDesk 安全漏洞

edu Business Solutions Print Shop Pro WebDesk is a print order management system from edu Business Solutions, USA. A security vulnerability exists in edu Business Solutions Print Shop Pro WebDesk version 18.34, which originates from an incorrect operation of the parameter hfInventoryDistFormID in...

Exploit for CVE-2025-52691

CVE-2025-52691 SmarterMail Unauthenticated Arbitrary File U...

EUVD-2021-23178

Malware in sbrugna...

EUVD-2018-8840

Malware in sbrugna...

EUVD-2020-4776

Malware in sbrugna...

EUVD-2014-5250

Malware in sbrugna...

EUVD-2012-6600

Malware in sbrugna...

EUVD-2019-2649

Malware in sbrugna...

EUVD-2019-19201

Malware in sbrugna...

EUVD-2020-16032

Malware in sbrugna...

EUVD-2019-2076

Malware in sbrugna...

EUVD-2025-4257

Malicious code in bioql PyPI...

EUVD-2022-31758

Malicious code in bioql PyPI...

CVE-2025-10254

Affected software: Ascensio System SIA OnlyOffice up to 12.7.0. Vulnerable component: SVG Image Handler processing of /Products/Projects/Messages.aspx. Root cause: unknown processing leads to cross-site scripting. Impact: cross-site scripting with remote initiation potential; exploit publicly ava...