EUVD-2025-25740

Malicious code in bioql PyPI...

CVE-2025-9387

A vulnerability was found in DCN DCME-720 9.1.5.11. This affects an unknown function of the file /usr/local/www/function/audit/newstatistics/ipblock.php of the component Web Management Backend. Performing manipulation of the argument ip results in os command injection. It is possible to initiate...

CVE-2025-9387 DCN DCME-720 Web Management Backend ip_block.php os command injection

A vulnerability was found in DCN DCME-720 9.1.5.11. This affects an unknown function of the file /usr/local/www/function/audit/newstatistics/ipblock.php of the component Web Management Backend. Performing manipulation of the argument ip results in os command injection. It is possible to initiate...

Formstone 跨站脚本漏洞

Formstone is a front-end component codebase from the Formstone team. Formstone has a security vulnerability in version 1.4.16 and earlier caused by a failure to properly validate user-supplied input in the -target.php and upload-block.php folder in an upload. A remote attacker can exploit this...

SQL Injection Vulnerability in YUNU System Block.php Page

YUNUCMS is a three-network, open source content management system with its own substation system. YUNU system Block.php page SQL injection vulnerability, attackers can exploit the vulnerability to obtain database sensitive information...

PHPFirstPost Block.PHP远程文件包含漏洞

PHPFirstPost是一款基于PHP的WEB应用程序。 PHPFirstPost不正确过滤用户提交的输入，远程攻击者可以利用漏洞以WEB权限执行任意命令。 问题是'Block.PHP'脚本对用户提交的'Include'参数缺少过滤，指定远程服务器上的文件作为包含参数，可导致以WEB权限执行任意命令。 PhpFirstPost 0.1 http://sourceforge.net/projects/phpfirstpost/ html head title..:: PhpFirstPost blog Remote File Include Exploit ::../title scri...