EUVD-2021-31145

Malicious code in bioql PyPI...

EUVD-2021-28741

Malicious code in bioql PyPI...

Sql injection

BaiCloud-cms v2.5.7 was discovered to contain multiple SQL injection vulnerabilities via the tongji and baidumap parameters in /user/ztconfig.php...

CVE-2021-44302

CVE-2021-44302 affects BaiCloud-cms v2.5.7 and is due to multiple SQL injection vulnerabilities exposed through the tongji and baidu_map parameters in /user/ztconfig.php. The NVD records CVSS 3.1 base score 8.8 (HIGH) with network access, low attack complexity, and privileges required at LOW, ind...

CVE-2021-41729

BaiCloud-cms v2.5.7 is affected by an arbitrary file deletion vulnerability, which allows an attacker to delete arbitrary files on the server through /user/ppsave.php...

Arbitrary file deletion

BaiCloud-cms v2.5.7 is affected by an arbitrary file deletion vulnerability, which allows an attacker to delete arbitrary files on the server through /user/ppsave.php...

CVE-2021-41729

BaiCloud-cms v2.5.7 is affected by an arbitrary file deletion vulnerability, which allows an attacker to delete arbitrary files on the server through /user/ppsave.php...

CVE-2021-41729

CVE-2021-41729 affects BaiCloud-cms v2.5.7, with an arbitrary file deletion vulnerability exploitable via /user/ppsave.php. Connected sources provide the product, vulnerable component (server-side file handling), and impact (arbitrary file deletion). CVSS-3.1 indicates a CRITICAL base score (9.1)...