14 matches found
EUVD-2020-1014
Malware in sbrugna...
EUVD-2019-0804
Malware in sbrugna...
EUVD-2025-6706
Malicious code in bioql PyPI...
EUVD-2024-3089
Malicious code in bioql PyPI...
EUVD-2024-1227
Malicious code in bioql PyPI...
EUVD-2024-1172
Malicious code in bioql PyPI...
EUVD-2022-4322
Malicious code in bioql PyPI...
EUVD-2022-5339
Malicious code in bioql PyPI...
CVE-2024-28234
Contao is an open source content management system. Starting in version 2.0.0 and prior to versions 4.13.40 and 5.3.4, it is possible to inject CSS styles via BBCode in comments. Installations are only affected if BBCode is enabled. Contao versions 4.13.40 and 5.3.4 have a patch for this issue. A...
CVE-2024-28235
Contao is an open source content management system. Starting in version 4.9.0 and prior to versions 4.13.40 and 5.3.4, when checking for broken links on protected pages, Contao sends the cookie header to external URLs as well; the passed options for the HTTP client are used for all requests. Cont...
CVE-2023-29200
Contao is an open source content management system. Prior to versions 4.9.40, 4.13.21, and 5.1.4, logged-in users can list arbitrary system files in the file manager by manipulating the Ajax request. However, it is not possible to read the contents of these files. Users should update to Contao...
CVE-2012-4383
Contao prior to 2.11.4 has a SQL injection vulnerability...
Design/Logic Flaw
Contao before 4.5.7 has XSS in the system log...
CVE-2019-19714
Contao 4.8.4 and 4.8.5 have Improper Encoding or Escaping of Output. It is possible to inject insert tags into the login module which will be replaced when the page is rendered...