BigProf Online Inventory Manager 跨站脚本漏洞

BigProf Online Inventory Manager is an online inventory management system developed by BigProf Corporation. Version 3.2 of BigProf Online Inventory Manager contains a cross-site scripting vulnerability. This vulnerability arises from the group description fields edited by administrators, which ha...

EUVD-2018-10307

Malware in sbrugna...

EUVD-2020-23336

Malware in sbrugna...

EUVD-2020-23337

Malware in sbrugna...

EUVD-2020-27731

Malware in sbrugna...

EUVD-2023-58667

Malicious code in bioql PyPI...

EUVD-2023-58664

Malicious code in bioql PyPI...

EUVD-2023-58660

Malicious code in bioql PyPI...

EUVD-2023-58659

Malicious code in bioql PyPI...

EUVD-2023-58665

Malicious code in bioql PyPI...

EUVD-2023-58663

Malicious code in bioql PyPI...

EUVD-2023-58669

Malicious code in bioql PyPI...

EUVD-2023-58661

Malicious code in bioql PyPI...

EUVD-2023-58671

Malicious code in bioql PyPI...

EUVD-2023-58666

Malicious code in bioql PyPI...

EUVD-2023-58662

Malicious code in bioql PyPI...

EUVD-2023-58670

Malicious code in bioql PyPI...

EUVD-2023-58672

Malicious code in bioql PyPI...

CVE-2020-35675

BigProf Online Invoicing System before 3.0 offers a functionality that allows an administrator to move the records of members across groups. The applicable endpoint admin/pageTransferOwnership.php lacks CSRF protection, resulting in an attacker being able to escalate their privileges to...

CVE-2020-6583

BigProf Online Invoicing System OIS through 2.6 has XSS that can be leveraged for session hijacking. An attacker can exploit the XSS vulnerability, retrieve the session cookie from the administrator login, and take over the administrator account via the Name field in an Add New Client action...