63 matches found
EUVD-2015-6746
Malware in sbrugna...
EUVD-2010-5273
Malware in sbrugna...
EUVD-2015-1183
Malware in sbrugna...
EUVD-2015-9102
Malware in sbrugna...
EUVD-2010-5272
Malware in sbrugna...
EUVD-2022-3377
Malicious code in bioql PyPI...
CVE-2015-6809
Multiple cross-site scripting XSS vulnerabilities in BEdita before 3.6.0 allow remote attackers to inject arbitrary web script or HTML via the 1 cfgprojectName parameter to index.php/admin/saveConfig, the 2 datastatsproviderurl parameter to index.php/areas/saveArea, or the 3 datadescription...
CVE-2019-15570
BEdita through 4.0.0-RC2 allows SQL injection during a save operation for a relation with parameters...
CVE-2010-5315
Multiple cross-site request forgery CSRF vulnerabilities in BEdita before 3.1 allow remote attackers to hijack the authentication of administrators for requests that 1 create categories via a data array to news/saveCategories or 2 modify credentials via a data array to admin/saveUser...
CVE-2010-5314
Cross-site scripting XSS vulnerability in controllers/homecontroller.php in BEdita before 3.1 allows remote attackers to inject arbitrary web script or HTML via the searchstring parameter to news/index...
BEdita vulnerable to SQL injection
BEdita through 4.0.0-RC2 allows SQL injection during a save operation for a relation with parameters due to a lack of JSON escaping...
GHSA-9GV2-2M38-J6CX BEdita vulnerable to SQL injection
BEdita through 4.0.0-RC2 allows SQL injection during a save operation for a relation with parameters due to a lack of JSON escaping...
BEdita SQL Injection Vulnerability
BEdita is a suite of open source back-end API software from Chialab and ChannelWeb, Italy. The software is mainly used to manage data in mobile applications, web applications and desktop applications. A SQL injection vulnerability exists in Bedita 4.0.0-RC2 and earlier versions, which can be...
CVE-2019-15570
BEdita through 4.0.0-RC2 allows SQL injection during a save operation for a relation with parameters...
CVE-2019-15570
BEdita through 4.0.0-RC2 allows SQL injection during a save operation for a relation with parameters...
Sql injection
BEdita through 4.0.0-RC2 allows SQL injection during a save operation for a relation with parameters...
CVE-2019-15570
CVE-2019-15570 describes a SQL injection in BEdita up to version 4.0.0-RC2 during a save operation for a relation with parameters. The linked advisories (GHSA-9GV2-2M38-J6CX and OSV/GHSA entries) indicate the root cause relates to insufficient handling/escaping of JSON data, enabling an attacker ...
CVE-2019-15570
BEdita through 4.0.0-RC2 allows SQL injection during a save operation for a relation with parameters...
BEdita cross-site scripting vulnerability (CNVD-2018-12767)
BEdita is a framework for creating semantic rule-based PHP applications and content management systems developed by Chialab and ChannelWeb in Italy. A cross-site scripting vulnerability exists in versions of BEdita prior to 3.7.0. The vulnerability can be exploited by remote attackers to execute...
CVE-2015-9260
An issue was discovered in BEdita before 3.7.0. A cross-site scripting XSS attack occurs via a crafted pages/showObjects URI, as demonstrated by appending a payload to a pages/showObjects/2/0/0/leafs URI...