16 matches found
EUVD-2024-53579
Malicious code in bioql PyPI...
EUVD-2024-53580
Malicious code in bioql PyPI...
CVE-2024-57409
A stored cross-site scripting (XSS) vulnerability in the Parameter List module of cool-admin-java v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the internet pictures field...
CVE-2024-57408
An arbitrary file upload vulnerability in the component /comm/upload of cool-admin-java v1.0 allows attackers to execute arbitrary code via uploading a crafted file...
CVE-2024-57408
An arbitrary file upload vulnerability in the component /comm/upload of cool-admin-java v1.0 allows attackers to execute arbitrary code via uploading a crafted file...
CVE-2024-57409
A stored cross-site scripting (XSS) vulnerability in the Parameter List module of cool-admin-java v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the internet pictures field...
PT-2025-6075 · Unknown · Cool-Admin-Java
Name of the Vulnerable Software and Affected Versions: cool-admin-java version 1.0 Description: An arbitrary file upload vulnerability in the component /comm/upload allows attackers to execute arbitrary code via uploading a crafted file. This issue enables attackers to upload malicious files,...
CVE-2024-57409
A stored cross-site scripting (XSS) vulnerability in the Parameter List module of cool-admin-java v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the internet pictures field...
PT-2025-6076 · Unknown · Cool-Admin-Java
Name of the Vulnerable Software and Affected Versions: cool-admin-java version v1.0 Description: A stored cross-site scripting (XSS) vulnerability in the Parameter List module of cool-admin-java allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the...
CVE-2024-57409
A stored cross-site scripting (XSS) vulnerability in the Parameter List module of cool-admin-java v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the internet pictures field...
CVE-2024-57408
CVE-2024-57408 affects cool-admin-java v1.0, with an arbitrary file upload vulnerability in the /comm/upload component that allows remote code execution through a crafted file. The Red Hat/PTSecurity and CN/CS reports confirm the issue and recommend disabling the /comm/upload endpoint and restric...
CVE-2024-57409
CVE-2024-57409 affects the Cool-Admin-Java project (v1.0) with a vulnerability in the Parameter List module. The issue is a stored XSS that allows an attacker to execute arbitrary web scripts or HTML by injecting a crafted payload into the internet pictures field. Reported details indicate impa...
cool-admin-java cross-site scripting vulnerability
cool-admin-java is a backend privilege management framework for COOL individual developers. A cross-site scripting vulnerability exists in cool-admin-java v1.0. An attacker can exploit this vulnerability to execute arbitrary web script or HTML by injecting a specially crafted payload into the...
cool-admin-java code issue vulnerability
cool-admin-java is a backend privilege management framework for COOL individual developers. A code issue vulnerability exists in cool-admin-java v1.0. An attacker can exploit this vulnerability to execute arbitrary code by uploading specially crafted files...
CVE-2024-57408
An arbitrary file upload vulnerability in the component /comm/upload of cool-admin-java v1.0 allows attackers to execute arbitrary code via uploading a crafted file...
CVE-2024-57408
An arbitrary file upload vulnerability in the component /comm/upload of cool-admin-java v1.0 allows attackers to execute arbitrary code via uploading a crafted file...