CVE-2022-50793 SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Authenticated Command Injection via www-data-handler.php

SOUND4 IMPACT/FIRST/PULSE/Eco =2.x contains an authenticated command injection vulnerability in the www-data-handler.php script that allows attackers to inject system commands through the 'services' POST parameter. Attackers can exploit this vulnerability by crafting malicious 'services' paramete...

EUVD-2023-3118

Malicious code in bioql PyPI...

EUVD-2023-57875

Malicious code in bioql PyPI...

EUVD-2024-32588

Malicious code in bioql PyPI...

CVE-2024-4022

A vulnerability was found in Keenetic KN-1010, KN-1410, KN-1711, KN-1810 and KN-1910 up to 4.1.2.15. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /version.js of the component Version Data Handler. The manipulation leads to information...

CVE-2023-5579

A vulnerability was found in yhz66 Sandbox 6.1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /im/user/ of the component User Data Handler. The manipulation leads to information disclosure. The exploit has been disclosed to the public and may...

CVE-2023-6761

A vulnerability, which was classified as problematic, has been found in Thecosy IceCMS up to 2.0.1. This issue affects some unknown processing of the component User Data Handler. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclos...

CVE-2024-4022 Keenetic KN-1010/KN-1410/KN-1711/KN-1810/KN-1910 Version Data version.js information disclosure

A vulnerability was found in Keenetic KN-1010, KN-1410, KN-1711, KN-1810 and KN-1910 up to 4.1.2.15. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /version.js of the component Version Data Handler. The manipulation leads to information...

CVE-2024-4022 Keenetic KN-1010/KN-1410/KN-1711/KN-1810/KN-1910 Version Data version.js information disclosure

A vulnerability was found in Keenetic KN-1010, KN-1410, KN-1711, KN-1810 and KN-1910 up to 4.1.2.15. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /version.js of the component Version Data Handler. The manipulation leads to information...

TYPO3 Access Control Error Vulnerability

TYPO3 is a free and open source content management system framework CMS/CMF from the TYPO3 Association in Switzerland. An access control error vulnerability exists in TYPO3 versions 8.0.0-8.7.56, 9.0.0-9.5.45, 10.0.0-10.4.42, 11.0.0-11.5.34, 12.0.0-12.4.10, and 13.0.0, which stems from incorrect...

CVE-2023-6761

A vulnerability, which was classified as problematic, has been found in Thecosy IceCMS up to 2.0.1. This issue affects some unknown processing of the component User Data Handler. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclos...

CVE-2023-6761

A vulnerability, which was classified as problematic, has been found in Thecosy IceCMS up to 2.0.1. This issue affects some unknown processing of the component User Data Handler. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclos...

CVE-2023-6761 Thecosy IceCMS User Data access control

A vulnerability, which was classified as problematic, has been found in Thecosy IceCMS up to 2.0.1. This issue affects some unknown processing of the component User Data Handler. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclos...

IceCMS Access Control Error Vulnerability

IceCMS is a content management system based on Spring Boot + Vue front-end and back-end separation by NgShow individual developers. An Access Control Error vulnerability exists in Thecosy IceCMS version 2.0.1, which stems from unknown processing in the User Data Handler component, resulting in...

PT-2023-32764 · Thecosy · Icecms

Name of the Vulnerable Software and Affected Versions: Thecosy IceCMS versions up to 2.0.1 Description: A vulnerability has been found in the User Data Handler component, leading to improper access controls. The attack may be initiated remotely. This issue affects some unknown processing of the...

PHPEMS Deserialization of Untrusted Data vulnerability

A vulnerability classified as critical was found in PHPEMS 6.x/7.0. Affected by this vulnerability is an unknown functionality in the library lib/session.cls.php of the component Session Data Handler. The manipulation leads to deserialization. The attack can be launched remotely. The exploit has...

GHSA-5RV2-VVMF-F7W8 PHPEMS Deserialization of Untrusted Data vulnerability

A vulnerability classified as critical was found in PHPEMS 6.x/7.0. Affected by this vulnerability is an unknown functionality in the library lib/session.cls.php of the component Session Data Handler. The manipulation leads to deserialization. The attack can be launched remotely. The exploit has...

Deserialization of untrusted data

A vulnerability classified as critical was found in PHPEMS 6.x/7.x/8.x/9.0. Affected by this vulnerability is an unknown functionality in the library lib/session.cls.php of the component Session Data Handler. The manipulation leads to deserialization. The attack can be launched remotely. The...

CVE-2023-6654 PHPEMS Session Data session.cls.php deserialization

A vulnerability classified as critical was found in PHPEMS 6.x/7.x/8.x/9.0. Affected by this vulnerability is an unknown functionality in the library lib/session.cls.php of the component Session Data Handler. The manipulation leads to deserialization. The attack can be launched remotely. The...

PT-2023-32730 · Phpems · Phpems

Name of the Vulnerable Software and Affected Versions: PHPEMS versions 6.x through 9.0 Description: A critical vulnerability was found in the library lib/session.cls.php of the component Session Data Handler, affecting an unknown functionality. The manipulation leads to deserialization and can be...