3 matches found
EUVD-2024-39193
Malicious code in bioql PyPI...
CVE-2024-41804
CVE-2024-41804 affects Xibo CMS (DataSet Column Formulas API). An SQL injection vulnerability is exploitable by an authenticated user via the formula parameter, enabling access to/ modification of arbitrary data in the Xibo database. Remediation: upgrade to Xibo versions 3.3.12 or 4.0.14, which f...
PT-2024-29571 · Xibo · Xibo
Name of the Vulnerable Software and Affected Versions: Xibo versions prior to 3.3.12 Xibo versions prior to 4.0.14 Description: A SQL injection issue was discovered in the API route responsible for Adding/Editing DataSet Column Formulas. This allows an authenticated user to obtain and modify...