12 matches found
EUVD-2022-36024
Malicious code in bioql PyPI...
CVE-2024-48450
An arbitrary file upload vulnerability in Huly Platform v0.6.295 allows attackers to execute arbitrary code via uploading a crafted HTML file into chat group...
CVE-2025-30345
OpenSlides CVE-2025-30345 affects OpenSlides versions prior to 4.2.5. The vulnerability arises in the chat_group.create action: while some HTML elements (e.g., SCRIPT) are filtered, others are not, and HTML entities are not consistently encoded when deleting chats or deleting messages, potentiall...
CVE-2025-0581
A vulnerability classified as problematic has been found in CampCodes School Management Software 1.0. This affects an unknown part of the file /chat/group/send of the component Chat History. The manipulation of the argument message leads to cross site scripting. It is possible to initiate the...
Campcodes School Management Software 代码注入漏洞
Campcodes School Management Software is a school management software from Campcodes, Inc. A code injection vulnerability exists in version 1.0 of CampCodes School Management Software, which stems from a cross-site scripting attack in the parameter message in the file /chat/group/send in the...
CVE-2024-48450
An arbitrary file upload vulnerability in Huly Platform v0.6.295 allows attackers to execute arbitrary code via uploading a crafted HTML file into chat group...
Huly Platform 安全漏洞
Huly Platform is an all-in-one project management platform from Huly open source. A security vulnerability exists in Huly Platform version v0.6.295. An attacker can exploit the vulnerability to execute arbitrary code by uploading a specially crafted HTML file to a chat group...
CVE-2024-48450
An arbitrary file upload vulnerability in Huly Platform v0.6.295 allows attackers to execute arbitrary code via uploading a crafted HTML file into chat group...
CVE-2024-48450
An arbitrary file upload vulnerability in Huly Platform v0.6.295 allows attackers to execute arbitrary code via uploading a crafted HTML file into chat group...
CVE-2024-48450
CVE-2024-48450 affects Huly Platform v0.6.295. The issue is an arbitrary file upload vulnerability that enables an attacker to execute arbitrary code by uploading a crafted HTML file into a chat group. The available documents do not provide details on root cause beyond the upload mechanism, affec...
Code injection
A remote attacker with general user privilege can send a message to Teamplus Pro’s chat group that exceeds message size limit, to terminate other recipients’ Teamplus Pro chat process...
CVE-2022-32958
A remote attacker with general user privilege can send a message to Teamplus Pro’s chat group that exceeds message size limit, to terminate other recipients’ Teamplus Pro chat process...