20 matches found
EUVD-2025-11886
Malicious code in bioql PyPI...
EUVD-2023-30875
Malicious code in bioql PyPI...
CVE-2023-27088
feiqu-opensource Background Vertical authorization vulnerability exists in IndexController.java. demo users with low permission can perform operations within the permission of the admin super administrator and can use this vulnerability to change the blacklist IP address in the system at will...
CVE-2021-37456
Cross Site Scripting XSS exists in NCH Axon PBX v2.22 and earlier via the blacklist IP address stored...
CVE-2025-29512
Cross-Site Scripting XSS vulnerability in NodeBB v4.0.4 and before allows remote attackers to store arbitrary code and potentially render the blacklist IP functionality unusable until content is removed via the database...
CVE-2025-29512
Cross-Site Scripting XSS vulnerability in NodeBB v4.0.4 and before allows remote attackers to store arbitrary code and potentially render the blacklist IP functionality unusable until content is removed via the database...
CVE-2023-27088
feiqu-opensource Background Vertical authorization vulnerability exists in IndexController.java. demo users with low permission can perform operations within the permission of the admin super administrator and can use this vulnerability to change the blacklist IP address in the system at will...
Authorization
feiqu-opensource Background Vertical authorization vulnerability exists in IndexController.java. demo users with low permission can perform operations within the permission of the admin super administrator and can use this vulnerability to change the blacklist IP address in the system at will...
CVE-2023-27088
feiqu-opensource Background Vertical authorization vulnerability exists in IndexController.java. demo users with low permission can perform operations within the permission of the admin super administrator and can use this vulnerability to change the blacklist IP address in the system at will...
CVE-2023-27088
CVE-2023-27088 affects feiqu-opensource with a background vertical authorization issue in IndexController.java. Exploitable by demo users with low permission to perform admin-level operations, including changing the blacklist IP address. CVSS v3.1 metrics show a high-severity, network-based explo...
CVE-2023-27088
feiqu-opensource Background Vertical authorization vulnerability exists in IndexController.java. demo users with low permission can perform operations within the permission of the admin super administrator and can use this vulnerability to change the blacklist IP address in the system at will...
CVE-2021-37456
Cross Site Scripting XSS exists in NCH Axon PBX v2.22 and earlier via the blacklist IP address stored...
CVE-2021-37456
Cross Site Scripting XSS exists in NCH Axon PBX v2.22 and earlier via the blacklist IP address stored...
Cross site scripting
Cross Site Scripting XSS exists in NCH Axon PBX v2.22 and earlier via the blacklist IP address stored...
CVE-2021-37456
Cross Site Scripting XSS exists in NCH Axon PBX v2.22 and earlier via the blacklist IP address stored...
CVE-2017-12651
Cross Site Request Forgery CSRF exists in the Blacklist and Whitelist IP Wizard in init.php in the Loginizer plugin before 1.3.6 for WordPress because the HTTP Referer header is not checked...
CVE-2017-12651
Cross Site Request Forgery CSRF exists in the Blacklist and Whitelist IP Wizard in init.php in the Loginizer plugin before 1.3.6 for WordPress because the HTTP Referer header is not checked...
Cross site request forgery (csrf)
Cross Site Request Forgery CSRF exists in the Blacklist and Whitelist IP Wizard in init.php in the Loginizer plugin before 1.3.6 for WordPress because the HTTP Referer header is not checked...
CVE-2017-12651
Cross Site Request Forgery CSRF exists in the Blacklist and Whitelist IP Wizard in init.php in the Loginizer plugin before 1.3.6 for WordPress because the HTTP Referer header is not checked...
CVE-2014-9570
Multiple cross-site scripting XSS vulnerabilities in the MyWebsiteAdvisor Simple Security plugin 1.1.5 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 datefilter parameter in the accesslog page to wp-admin/users.php or 2 simplesecurityipblacklist...