74 matches found
EUVD-2023-52862
Malicious code in bioql PyPI...
EUVD-2023-40111
Malicious code in bioql PyPI...
EUVD-2023-52287
Malicious code in bioql PyPI...
EUVD-2023-44594
Malicious code in bioql PyPI...
EUVD-2023-53996
Malicious code in bioql PyPI...
EUVD-2023-52288
Malicious code in bioql PyPI...
EUVD-2023-52856
Malicious code in bioql PyPI...
CVE-2023-3970
A vulnerability, which was classified as problematic, was found in GZ Scripts Availability Booking Calendar PHP 1.0. This affects an unknown part of the file /index.php?controller=GzUser=edit=1 of the component Image Handler. The manipulation of the argument img leads to cross site scripting. It ...
CVE-2023-36133
PHPJabbers Availability Booking Calendar 5.0 is vulnerable to User Account Takeover through username/password change...
CVE-2023-36132
PHP Jabbers Availability Booking Calendar 5.0 is vulnerable to Incorrect Access Control...
CVE-2023-3969
A vulnerability, which was classified as problematic, has been found in GZ Scripts Availability Booking Calendar PHP 1.0. Affected by this issue is some unknown functionality of the file index.php of the component HTTP POST Request Handler. The manipulation of the argument promocode leads to cros...
CVE-2023-48831
A lack of rate limiting in pjActionAJaxSend in Availability Booking Calendar 5.0 allows attackers to cause resource exhaustion...
CVE-2023-48831
A lack of rate limiting in pjActionAJaxSend in Availability Booking Calendar 5.0 allows attackers to cause resource exhaustion...
CVE-2023-48825
Availability Booking Calendar 5.0 is vulnerable to Multiple HTML Injection issues via SMS API Key or Default Country Code...
CVE-2023-48825
Availability Booking Calendar 5.0 is vulnerable to Multiple HTML Injection issues via SMS API Key or Default Country Code...
CVE-2023-48825
Availability Booking Calendar 5.0 is vulnerable to Multiple HTML Injection issues via SMS API Key or Default Country Code...
CVE-2023-48208
A Cross Site Scripting vulnerability in Availability Booking Calendar 5.0 allows an attacker to inject JavaScript via the name, pluginsmsapikey, pluginsmscountrycode, uuid, title, or country name parameter to index.php...
CVE-2023-48208
A Cross Site Scripting vulnerability in Availability Booking Calendar 5.0 allows an attacker to inject JavaScript via the name, pluginsmsapikey, pluginsmscountrycode, uuid, title, or country name parameter to index.php...
CVE-2023-48208
A Cross Site Scripting vulnerability in Availability Booking Calendar 5.0 allows an attacker to inject JavaScript via the name, pluginsmsapikey, pluginsmscountrycode, uuid, title, or country name parameter to index.php...
CVE-2023-48207
Availability Booking Calendar 5.0 allows CSV injection via the unique ID field in the Reservations list component...