EUVD-2025-24953

Malicious code in bioql PyPI...

EUVD-2025-24950

Malicious code in bioql PyPI...

EUVD-2025-27217

Malicious code in bioql PyPI...

EUVD-2025-24949

Malicious code in bioql PyPI...

EUVD-2025-3475

Malicious code in bioql PyPI...

CVE-2025-8989

A vulnerability was found in SourceCodester COVID 19 Testing Management System 1.0. This issue affects some unknown processing of the file /edit-phlebotomist.php. The manipulation of the argument mobilenumber leads to sql injection. The attack may be initiated remotely. The exploit has been...

MAL-2025-6919 Malicious code in coronavirus-calculator (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis d30c7b91e8bbf434aa10762bff4148e83d80a714b10456cce7ba248b85021dde The OpenSSF Package Analysis project identified...

Malicious code in coronavirus-calculator (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis d30c7b91e8bbf434aa10762bff4148e83d80a714b10456cce7ba248b85021dde The OpenSSF Package Analysis project identified...

CVE-2025-8988

A vulnerability has been found in SourceCodester COVID 19 Testing Management System 1.0. This vulnerability affects unknown code of the file /bwdates-report-result.php. The manipulation of the argument fromdate leads to sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2025-8987 SourceCodester COVID 19 Testing Management System test-details.php sql injection

A vulnerability was identified in SourceCodester COVID 19 Testing Management System 1.0. This affects an unknown part of the file /test-details.php. The manipulation of the argument remark leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to th...

CVE-2025-8986 SourceCodester COVID 19 Testing Management System search-report-result.php sql injection

A vulnerability was determined in SourceCodester COVID 19 Testing Management System 1.0. Affected by this issue is some unknown functionality of the file /search-report-result.php. The manipulation of the argument serachdata leads to sql injection. The attack may be launched remotely. The exploit...

CVE-2025-8985

CVE-2025-8985 affects SourceCodester COVID 19 Testing Management System 1.0. The vulnerability is in /profile.php where manipulating the mobilenumber parameter enables SQL injection, allowing remote access. Exploitation status is documented as a PROOF-OF-CONCEPT in CVSS/4.0 data; no official patc...

PT-2025-33421 · Sourcecodester · Covid19 Testing Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester COVID 19 Testing Management System version 1.0 Description: A SQL injection issue exists due to the manipulation of the mobilenumber argument in the processing of the /edit-phlebotomist.php file. The attack can be initiated...

PT-2025-33420 · Sourcecodester · Covid19 Testing Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester COVID 19 Testing Management System version 1.0 Description: A vulnerability exists in SourceCodester COVID 19 Testing Management System 1.0, affecting unknown code within the /bwdates-report-result.php file. Manipulation of the...

WordPress Coronavirus (COVID-19) Notice Message plugin <= 1.1.2 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin Coronavirus COVID-19 Notice Message versions = 1.1.2...

CVE-2025-0629 Coronavirus (COVID-19) Notice Message <= 1.1.2 - Admin+ Stored XSS

The Coronavirus COVID-19 Notice Message WordPress plugin through 1.1.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in...

CVE-2025-23851

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Khushwant Singh Coronavirus COVID-19 Outbreak Data Widgets coronavirus-data-widgets allows Reflected XSS.This issue affects Coronavirus COVID-19 Outbreak Data Widgets: from n/a through = 1.1.1...

CVE-2025-23851 WordPress Coronavirus (COVID-19) Outbreak Data Widgets Plugin <= 1.1.1 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Khushwant Singh Coronavirus COVID-19 Outbreak Data Widgets coronavirus-data-widgets allows Reflected XSS.This issue affects Coronavirus COVID-19 Outbreak Data Widgets: from n/a through = 1.1.1...

PT-2025-7014 · Unknown · Notfound Coronavirus (Covid-19) Outbreak Data Widgets

Name of the Vulnerable Software and Affected Versions: NotFound Coronavirus COVID-19 Outbreak Data Widgets versions 1.1.1 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS. This...

WordPress plugin Coronavirus (COVID-19) Outbreak Data Widgets 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...