
31 matches found

NVD
added 2026/04/28 2:16 p.m. | 3 views

CVE-2026-40550

mpGabinet is vulnerable to Privilege Escalation due to excessive database privileges assigned to the user used by the application. An attacker with access to any running application instance connected to the backend server can extract database credentials from the application’s memory by inspecti...

CVSS 6.9 | EPSS 0.0002
Exploits: 0 | References: 2

Positive Technologies
added 2025/12/04 12:0 a.m. | 2 views

PT-2025-49147

Name of the Vulnerable Software and Affected Versions: dcTrack (affected versions not specified). Description: dcTrack platforms are susceptible to unauthorized access due to the use of default and hard-coded credentials. An attacker gaining access through these credentials could administer the...

CVSS 8.4 | AI score 7 | EPSS 0.00016
Exploits: 0 | References: 6

EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2024-29115

Malicious code in bioql PyPI...

CVSS 9.8 | AI score 6.6 | EPSS 0.00289
Exploits: 0 | References: 2

EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2025-24205

Malicious code in bioql PyPI...

CVSS 8.8 | AI score 6.5 | EPSS 0.0009
Exploits: 0 | References: 2

NVD
added 2025/09/19 4:15 p.m. | 2 views

CVE-2025-55910

CMSEasy v7.7.8.0 and before is vulnerable to Arbitrary file deletion in databaseadmin.php...

CVSS 6.3 | EPSS 0.00073
Exploits: 1 | References: 1

CNNVD
added 2025/09/19 12:0 a.m. | 2 views

CmsEasy Security Vulnerability

CmsEasy is a content management system CMS for creating responsive websites from China-based CmsEasy. A security vulnerability exists in CmsEasy 7.7.8.0 and earlier versions, which stems from an arbitrary file deletion issue in databaseadmin.php...

CVSS 6.3 | AI score 6.9 | EPSS 0.00073
Exploits: 1 | References: 2

CVE
added 2025/09/19 12:0 a.m. | 14 views

CVE-2025-55910

CMSEasy is affected by CVE-2025-55910: versions 7.7.8.0 and earlier are vulnerable to arbitrary file deletion via database_admin.php. The root cause is an issue in CMSEasy’s database_admin.php handling that allows deletion of arbitrary files. Reported references across multiple sources confirm th...

CVSS 6.3 | AI score 6.6 | EPSS 0.00073
Exploits: 1 | References: 1 | Affected Software: 1

Positive Technologies
added 2025/09/19 12:0 a.m. | 2 views

PT-2025-38574

Name of the Vulnerable Software and Affected Versions: CMSEasy versions prior to 7.7.8.0. Description: CMSEasy versions prior to 7.7.8.0 are susceptible to arbitrary file deletion through the database admin.php file. Recommendations: Update to a version newer than 7.7.8.0...

CVSS 6.3 | AI score 6.7 | EPSS 0.00073
Exploits: 1 | References: 4

Cvelist
added 2025/08/12 2:8 a.m. | 8 views

CVE-2025-42951 Broken Authorization in SAP Business One (SLD)

Due to broken authorization, SAP Business One SLD allows an authenticated attacker to gain administrator privileges of a database by invoking the corresponding API. As a result, it has a high impact on the confidentiality, integrity, and availability of the application...

CVSS 8.8 | EPSS 0.0009
Exploits: 0 | References: 2

OSV
added 2025/02/07 7:15 p.m. | 1 views

CVE-2025-1106

A vulnerability classified as critical has been found in CmsEasy 7.7.7.9. This affects the function deletediraction/restoreaction in the library lib/admin/databaseadmin.php. The manipulation leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to...

CVSS 6.5 | AI score 5.3 | EPSS 0.00042
Exploits: 1 | References: 4

Vulnrichment
added 2025/02/07 6:31 p.m. | 9 views

CVE-2025-1106 CmsEasy database_admin.php restore_action path traversal

A vulnerability classified as critical has been found in CmsEasy 7.7.7.9. This affects the function deletediraction/restoreaction in the library lib/admin/databaseadmin.php. The manipulation leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to...

CVSS 5.5 | AI score 5.5 | EPSS 0.00042
Exploits: 1 | References: 4

CNNVD
added 2025/02/07 12:0 a.m. | 3 views

CmsEasy Path Traversal Vulnerability

CmsEasy is a content management system CMS for creating responsive websites from China's CmsEasy company. A path traversal vulnerability exists in CmsEasy version 7.7.7.9, which stems from the library lib/admin/databaseadmin.php where the function deletediraction/restoreaction can lead to a path...

CVSS 6.5 | AI score 5.6 | EPSS 0.00042
Exploits: 1 | References: 5

OSV
added 2025/02/03 1:15 a.m. | 0 views

CVE-2025-0973

A vulnerability classified as critical was found in CmsEasy 7.7.7.9. This vulnerability affects the function backAllaction in the library lib/admin/databaseadmin.php of the file /index.php?case=database&act=backAll&admindir=admin&site=default. The manipulation of the argument select leads to path...

CVSS 6.5 | AI score 5.4
Exploits: 0 | References: 4

Tenable Nessus
added 2024/06/03 12:0 a.m. | 14 views

RHEL 7 : openldap (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openldap: ACL restrictions bypass due to saslssf value being set permanently CVE-2019-13565 -...

CVSS 7.5 | AI score 6.9 | EPSS 0.11875
Exploits: 1 | References: 5

ATTACKERKB
added 2023/11/01 7:15 p.m. | 1 views

CVE-2023-46482

SQL injection vulnerability in wuzhicms v.4.1.0 allows a remote attacker to execute arbitrary code via the Database Backup Functionality in the coreframe/app/database/admin/index.php component...

CVSS 9.8 | AI score 6.3 | EPSS 0.01963
Exploits: 1 | References: 2

Prion
added 2023/11/01 7:15 p.m. | 12 views

Sql injection

SQL injection vulnerability in wuzhicms v.4.1.0 allows a remote attacker to execute arbitrary code via the Database Backup Functionality in the coreframe/app/database/admin/index.php component...

CVSS 7.5 | AI score 9.7 | EPSS 0.01963
Exploits: 1 | References: 1 | Affected Software: 1

Vulnrichment
added 2023/11/01 12:0 a.m. | 11 views

CVE-2023-46482

SQL injection vulnerability in wuzhicms v.4.1.0 allows a remote attacker to execute arbitrary code via the Database Backup Functionality in the coreframe/app/database/admin/index.php component...

AI score 8.6 | EPSS 0.01963
Exploits: 1 | References: 1

OSV
added 2020/05/07 8:38 a.m. | 7 views

SUSE-SU-2020:1210-1 Security update for openldap2

This update for openldap2 fixes the following issues: - CVE-2020-12243: Fixed a denial of service related to recursive filters bsc1170771. - CVE-2019-13565: Fixed an authentication bypass caused by incorrect authorization of another connection, granting excess connection rights bsc1143194. -...

CVSS 7.5 | AI score 6.4 | EPSS 0.11875
Exploits: 1 | References: 7

OpenVAS
added 2020/01/23 12:0 a.m. | 21 views

Huawei EulerOS: Security Advisory for openldap (EulerOS-SA-2019-2358)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 6.5 | EPSS 0.04191
Exploits: 0 | References: 2

OpenVAS
added 2020/01/09 12:0 a.m. | 23 views

openSUSE: Security Advisory for openldap2 (openSUSE-SU-2019:2157-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 7.5 | AI score 6.8 | EPSS 0.06138
Exploits: 0 | References: 2