CVE-2020-23355

PRODUCT NOT SUPPORTED WHEN ASSIGNED Codiad 2.8.4 /componetns/user/class.user.php:Authenticate is vulnerable in magic hash authentication bypass. If encrypted or hash value for the passwords form certain formats of magic hash, e.g, 0e123, another hash value 0e234 something can successfully...

EUVD-2013-7035

Malware in sbrugna...

EUVD-2014-9395

Malware in sbrugna...

EUVD-2014-9396

Malware in sbrugna...

EUVD-2017-1414

Malware in sbrugna...

EUVD-2023-0602

Malicious code in bioql PyPI...

EUVD-2022-2112

Malicious code in bioql PyPI...

EUVD-2022-3492

Malicious code in bioql PyPI...

EUVD-2022-3169

Malicious code in bioql PyPI...

EUVD-2022-3865

Malicious code in bioql PyPI...

CVE-2020-14044

PRODUCT NOT SUPPORTED WHEN ASSIGNED A Server-Side Request Forgery SSRF vulnerability was found in Codiad v1.7.8 and later. A user with admin privileges could use the plugin install feature to make the server request any URL via components/market/class.market.php. This could potentially result in...

CVE-2020-14043

PRODUCT NOT SUPPORTED WHEN ASSIGNED A Cross Side Request Forgery CSRF vulnerability was found in Codiad v1.7.8 and later. The request to download a plugin from the marketplace is only available to admin users and it isn't CSRF protected in components/market/controller.php. This might cause admins...

CVE-2020-14042

PRODUCT NOT SUPPORTED WHEN ASSIGNED A Cross Site Scripting XSS vulnerability was found in Codiad v1.7.8 and later. The vulnerability occurs because of improper sanitization of the folder's name $path variable in components/filemanager/class.filemanager.php. NOTE: the vendor states "Codiad is no...

CVE-2017-20178

UNSUPPORTED WHEN ASSIGNED A vulnerability was found in Codiad 2.8.0. It has been rated as problematic. Affected by this issue is the function saveJSON of the file components/install/process.php. The manipulation of the argument data leads to information disclosure. The attack may be launched...

CVE-2017-1000125

Codiadfull version is vulnerable to write anything to configure file in the installation resulting upload a webshell...

CVE-2024-26557

Codiad v2.8.4 allows reflected XSS via the components/market/dialog.php type parameter...

Codiad 安全漏洞

Codiad is a website builder from the Codiad team that provides Web-based IDE functionality. A security vulnerability exists in Codiad v2.8.4, which stems from a reflected cross-site scripting XSS vulnerability in the parameter type of the component components/market/dialog.php...

CVE-2017-1000125

Codiadfull version is vulnerable to write anything to configure file in the installation resulting upload a webshell...