61 matches found
EUVD-2023-35150
Malicious code in bioql PyPI...
EUVD-2023-35151
Malicious code in bioql PyPI...
EUVD-2023-35152
Malicious code in bioql PyPI...
EUVD-2023-23381
Malicious code in bioql PyPI...
EUVD-2023-23323
Malicious code in bioql PyPI...
EUVD-2023-35149
Malicious code in bioql PyPI...
CVE-2023-30789
MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the people:id/work endpoint and job and company parameter...
CVE-2023-30788
MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the people/add endpoint and nickName, description, lastName, middleName and firstName parameter...
CVE-2024-53554
A Client-Side Template Injection CSTI vulnerability in the component /project/new/scrum of Taiga v 8.6.1 allows remote attackers to execute arbitrary code by injecting a malicious payload within the new project details...
CVE-2024-53554
A Client-Side Template Injection CSTI vulnerability in the component /project/new/scrum of Taiga v 8.6.1 allows remote attackers to execute arbitrary code by injecting a malicious payload within the new project details...
CVE-2024-53554
A Client-Side Template Injection CSTI vulnerability in the component /project/new/scrum of Taiga v 8.6.1 allows remote attackers to execute arbitrary code by injecting a malicious payload within the new project details...
CVE-2024-37846
MangoOS before 5.2.0 was discovered to contain a Client-Side Template Injection CSTI vulnerability via the Platform Management Edit page...
CVE-2024-37846
MangoOS before 5.2.0 is affected by a Client-Side Template Injection (CSTI) vulnerability exposed on the Platform Management Edit page. The issue is tied to the Platform Management Edit page and allows CSTI, with sources indicating that versions prior to 5.2.0 are vulnerable. The connected Red Ha...
CVE-2024-37846
MangoOS before 5.2.0 was discovered to contain a Client-Side Template Injection CSTI vulnerability via the Platform Management Edit page...
CVE-2024-46366
A Client-side Template Injection CSTI vulnerability in Webkul Krayin CRM 1.3.0 allows remote attackers to execute arbitrary client-side template code by injecting a malicious payload during the lead creation process. This can lead to privilege escalation when the payload is executed, granting the...
CVE-2023-30789
MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the people:id/work endpoint and job and company parameter...
CVE-2023-30788
MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the people/add endpoint and nickName, description, lastName, middleName and firstName parameter...
CVE-2023-30789
MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the people:id/work endpoint and job and company parameter...
CVE-2023-30790
MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the people:id/relationships endpoint and firstname and lastname parameter...
CVE-2023-30787
MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the people:id/introductions endpoint and firstmetadditionalinfo parameter...