EUVD-2024-43255

Malicious code in bioql PyPI...

CVE-2024-51182

HTML Injection vulnerability in Celk Sistemas Celk Saude v.3.1.252.1 allows a remote attacker to inject arbitrary HTML code via the "erro" parameter...

CVE-2024-48761

Reflected XSS vulnerability in Celk Sistemas Celk Saude v.3.1.252.1 allows a remote attacker to inject arbitrary JavaScript code via the "erro" parameter...

CVE-2024-55198

User Enumeration via Discrepancies in Error Messages in the Celk Sistemas Celk Saude v.3.1.252.1 password recovery functionality which allows a remote attacker to enumerate users through discrepancies in the responses...

PT-2025-11185 · Celk Sistemas · Celk Saude

Name of the Vulnerable Software and Affected Versions: Celk Sistemas Celk Saude version 3.1.252.1 Description: The issue concerns user enumeration via discrepancies in error messages in the password recovery functionality, allowing a remote attacker to enumerate users through different responses...

CVE-2024-55198

User Enumeration via Discrepancies in Error Messages in the Celk Sistemas Celk Saude v.3.1.252.1 password recovery functionality which allows a remote attacker to enumerate users through discrepancies in the responses...

Celk Sistemas Celk Saude 安全漏洞

Celk Sistemas Celk Saude is a health sector management software from Celk Sistemas, Brazil. A security vulnerability exists in Celk Sistemas Celk Saude version 3.1.252.1, which stems from an error message discrepancy in the password recovery feature that could lead a remote attacker to enumerate...

CVE-2024-55199

A Stored Cross Site Scripting XSS vulnerability in Celk Sistemas Celk Saude v.3.1.252.1 allows a remote attacker to store JavaScript code inside a PDF file through the file upload feature. When the file is rendered, the injected code is executed on the user's browser...

Celk Sistemas Celk Saude 跨站脚本漏洞

Celk Sistemas Celk Saude is a health sector management software from Celk Sistemas, Brazil. A cross-site scripting vulnerability exists in Celk Sistemas Celk Saude version v.3.1.252.1, which originates from stored cross-site scripting and could lead to a remote attacker storing JavaScript code in...

CVE-2024-51182

HTML Injection vulnerability in Celk Sistemas Celk Saude v.3.1.252.1 allows a remote attacker to inject arbitrary HTML code via the "erro" parameter...

CVE-2024-48761

Reflected XSS vulnerability in Celk Sistemas Celk Saude v.3.1.252.1 allows a remote attacker to inject arbitrary JavaScript code via the "erro" parameter...

CVE-2024-51182

HTML Injection vulnerability in Celk Sistemas Celk Saude v.3.1.252.1 allows a remote attacker to inject arbitrary HTML code via the "erro" parameter...

CVE-2024-48761

Reflected XSS vulnerability in Celk Sistemas Celk Saude v.3.1.252.1 allows a remote attacker to inject arbitrary JavaScript code via the "erro" parameter...

CVE-2024-48761

CVE-2024-48761 affects Celk Saude v3.1.252.1 and is a reflected XSS vulnerability exploitable via the erro parameter, allowing remote injection of JavaScript. Several connected sources confirm the same issue and describe improper validation/sanitization of the erro input as the root cause. Impact...

Celk Sistemas Celk Saude 安全漏洞

Celk Sistemas Celk Saude is a health sector management software from Celk Sistemas, Brazil. A security vulnerability exists in Celk Sistemas Celk Saude version 3.1.252.1, which stems from improper validation or cleanup of erro parameters, resulting in vulnerability to injection attacks...

PT-2025-2802 · Unknown · Celk Saude

Name of the Vulnerable Software and Affected Versions: Celk Saude version 3.1.252.1 Description: The issue arises from improper validation or sanitization of the erro parameter, which is returned as a response when incorrect credentials are entered during login. This makes the component susceptib...

CVE-2024-51182

HTML Injection vulnerability in Celk Sistemas Celk Saude v.3.1.252.1 allows a remote attacker to inject arbitrary HTML code via the "erro" parameter...

CVE-2024-48761

Reflected XSS vulnerability in Celk Sistemas Celk Saude v.3.1.252.1 allows a remote attacker to inject arbitrary JavaScript code via the "erro" parameter...

CVE-2024-51182

HTML Injection vulnerability in Celk Sistemas Celk Saude v.3.1.252.1 allows a remote attacker to inject arbitrary HTML code via the "erro" parameter...

PT-2025-2897 · Celk Sistemas · Celk Saude

Name of the Vulnerable Software and Affected Versions: Celk Sistemas Celk Saude version 3.1.252.1 Description: The issue allows a remote attacker to inject arbitrary HTML code via the erro parameter. This enables the attacker to potentially manipulate the webpage's content, leading to various...