37 matches found
EUVD-2002-0241
Malware in sbrugna...
EUVD-2025-28130
Malicious code in bioql PyPI...
EUVD-2025-2664
Malicious code in bioql PyPI...
EUVD-2025-16939
Malicious code in bioql PyPI...
CVE-2025-49008
Atheos is a self-hosted browser-based cloud integrated development environment. Prior to version 6.0.4, improper use of escapeshellcmd in /components/codegit/traits/execute.php allows argument injection, leading to arbitrary command execution. Atheos administrators and users of vulnerable version...
CVE-2025-49008
Atheos is a self-hosted browser-based cloud integrated development environment. Prior to version 6.0.4, improper use of escapeshellcmd in /components/codegit/traits/execute.php allows argument injection, leading to arbitrary command execution. Atheos administrators and users of vulnerable version...
CVE-2025-49008
CVE-2025-49008 affects Atheos, a self-hosted browser-based cloud IDE. Prior to version 6.0.4, improper use of escapeshellcmd() in /components/codegit/traits/execute.php enables argument injection and arbitrary command execution. The vulnerability could lead to data breaches or server compromise f...
CVE-2025-49008 Atheos Improper Input Validation Vulnerability Enables RCE in Common.php
Atheos is a self-hosted browser-based cloud integrated development environment. Prior to version 6.0.4, improper use of escapeshellcmd in /components/codegit/traits/execute.php allows argument injection, leading to arbitrary command execution. Atheos administrators and users of vulnerable version...
CVE-2025-49008 Atheos Improper Input Validation Vulnerability Enables RCE in Common.php
Atheos is a self-hosted browser-based cloud integrated development environment. Prior to version 6.0.4, improper use of escapeshellcmd in /components/codegit/traits/execute.php allows argument injection, leading to arbitrary command execution. Atheos administrators and users of vulnerable version...
CVE-2025-49008 Atheos Improper Input Validation Vulnerability Enables RCE in Common.php
Atheos is a self-hosted browser-based cloud integrated development environment. Prior to version 6.0.4, improper use of escapeshellcmd in /components/codegit/traits/execute.php allows argument injection, leading to arbitrary command execution. Atheos administrators and users of vulnerable version...
Atheos 安全漏洞
Atheos is an open source browser-based self-hosted cloud IDE from Atheos. A security vulnerability exists in Atheos versions prior to 6.0.4, which stems from parameter injection and could lead to arbitrary command execution...
PT-2025-23876 · Atheros · Atheos
Name of the Vulnerable Software and Affected Versions: Atheos versions prior to 6.0.4 Description: Atheos is a self-hosted browser-based cloud integrated development environment. The improper use of escapeshellcmd in /components/codegit/traits/execute.php allows argument injection, leading to...
CVE-2025-22152
Atheos is a self-hosted browser-based cloud IDE. Prior to v600, the $path and $target parameters are not properly validated across multiple components, allowing an attacker to read, modify, or execute arbitrary files on the server. These vulnerabilities can be exploited through various attack...
CVE-2025-47788
Atheos is a self-hosted browser-based cloud IDE. Prior to v602, similar to GHSA-rgjm-6p59-537v/CVE-2025-22152, the $target parameter in /controller.php was not properly validated, which could allow an attacker to execute arbitrary files on the server via path traversal. v602 contains a fix for th...
CVE-2025-47788
Atheos is a self-hosted browser-based cloud IDE. Prior to v602, similar to GHSA-rgjm-6p59-537v/CVE-2025-22152, the $target parameter in /controller.php was not properly validated, which could allow an attacker to execute arbitrary files on the server via path traversal. v602 contains a fix for th...
CVE-2025-47788 Missing Path Validation Enables Path Traversal in Controller.php
Atheos is a self-hosted browser-based cloud IDE. Prior to v602, similar to GHSA-rgjm-6p59-537v/CVE-2025-22152, the $target parameter in /controller.php was not properly validated, which could allow an attacker to execute arbitrary files on the server via path traversal. v602 contains a fix for th...
CVE-2025-47788
Affected software: Atheos self-hosted browser-based IDE. Vulnerability: Prior to v602, the $target parameter in /controller.php was not properly validated, enabling path traversal to read/execute arbitrary files on the server. Root cause: insufficient input validation in the target parameter hand...
CVE-2025-47788 Missing Path Validation Enables Path Traversal in Controller.php
Atheos is a self-hosted browser-based cloud IDE. Prior to v602, similar to GHSA-rgjm-6p59-537v/CVE-2025-22152, the $target parameter in /controller.php was not properly validated, which could allow an attacker to execute arbitrary files on the server via path traversal. v602 contains a fix for th...
CVE-2025-47788 Missing Path Validation Enables Path Traversal in Controller.php
Atheos is a self-hosted browser-based cloud IDE. Prior to v602, similar to GHSA-rgjm-6p59-537v/CVE-2025-22152, the $target parameter in /controller.php was not properly validated, which could allow an attacker to execute arbitrary files on the server via path traversal. v602 contains a fix for th...
PT-2025-21368 · Atheros · Atheos
Name of the Vulnerable Software and Affected Versions: Atheos versions prior to v602 Description: Atheos is a self-hosted browser-based cloud IDE. The $target parameter in "/controller.php" was not properly validated, which could allow an attacker to execute arbitrary files on the server via path...