63 matches found
EUVD-2022-33048
Malicious code in bioql PyPI...
EUVD-2022-47866
Malicious code in bioql PyPI...
CVE-2024-31609
Cross Site Scripting XSS vulnerability in BOSSCMS v3.10 allows attackers to run arbitrary code via the header code and footer code fields in code configuration...
CVE-2024-22938
Insecure Permissions vulnerability in BossCMS v.1.3.0 allows a local attacker to execute arbitrary code and escalate privileges via the init function in admin.class.php component...
CVE-2024-31613
BOSSCMS v3.10 is vulnerable to Cross Site Request Forgery CSRF in name="headcode" or name="footcode."...
CVE-2022-44937
Bosscms v2.0.0 was discovered to contain a Cross-Site Request Forgery CSRF via the Add function under the Administrator List module...
CVE-2022-28606
An arbitrary file upload vulnerability exists in Wenzhou Huoyin Information Technology Co., Ltd. BossCMS 1.0, which can be exploited by an attacker to gain control of the server...
CVE-2024-31613
BOSSCMS v3.10 is vulnerable to Cross Site Request Forgery CSRF in name="headcode" or name="footcode."...
CVE-2024-31613
BOSSCMS v3.10 is vulnerable to Cross Site Request Forgery CSRF in name="headcode" or name="footcode."...
CVE-2024-31613
CVE-2024-31613 affects BOSSCMS v3.10. The issue is a cross-site request forgery (CSRF) in the head_code or foot_code parameter, potentially enabling an attacker to cause unintended actions in the web application. The connected sources confirm the affected software and the CSRF nature but do not p...
CVE-2024-31613
BOSSCMS v3.10 is vulnerable to Cross Site Request Forgery CSRF in name="headcode" or name="footcode."...
CVE-2024-31613
BOSSCMS v3.10 is vulnerable to Cross Site Request Forgery CSRF in name="headcode" or name="footcode."...
BossCMS Security Breach
Wenzhou Huoyin Information Technology BossCMS is a content management system based on MySQL architecture of self-developed PHP framework by Wenzhou Huoyin Information Technology. A security vulnerability exists in BossCMS v3.10, which is caused by a cross-site request forgery CSRF vulnerability i...
PT-2024-24154 · Bosscms · Bosscms
Name of the Vulnerable Software and Affected Versions: BOSSCMS version 3.10 Description: The issue is related to Cross Site Request Forgery CSRF in the head code or foot code parameters. This means an attacker could potentially trick a user into performing unintended actions on the web applicatio...
CVE-2024-31609
Cross Site Scripting XSS vulnerability in BOSSCMS v3.10 allows attackers to run arbitrary code via the header code and footer code fields in code configuration...
PT-2024-24149 · Bosscms · Bosscms
Name of the Vulnerable Software and Affected Versions: BOSSCMS version 3.10 Description: A Cross Site Scripting XSS issue allows attackers to run arbitrary code via the header code and footer code fields in code configuration. This enables attackers to execute malicious scripts on the affected...
CVE-2024-31609
Cross Site Scripting XSS vulnerability in BOSSCMS v3.10 allows attackers to run arbitrary code via the header code and footer code fields in code configuration...
CVE-2024-31609
Cross Site Scripting XSS vulnerability in BOSSCMS v3.10 allows attackers to run arbitrary code via the header code and footer code fields in code configuration...
CVE-2024-22938
Insecure Permissions vulnerability in BossCMS v.1.3.0 allows a local attacker to execute arbitrary code and escalate privileges via the init function in admin.class.php component...
Code injection
Insecure Permissions vulnerability in BossCMS v.1.3.0 allows a local attacker to execute arbitrary code and escalate privileges via the init function in admin.class.php component...