CVE-2025-29412

A cross-site scripting XSS vulnerability in the Client Profile Update section of Mart Developers iBanking v2.0.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name parameter...

CVE-2025-29411

An arbitrary file upload vulnerability in the Client Profile Update section of Mart Developers iBanking v2.0.0 allows attackers to execute arbitrary code via uploading a crafted PHP file...

CVE-2025-29411

An arbitrary file upload vulnerability in the Client Profile Update section of Mart Developers iBanking v2.0.0 allows attackers to execute arbitrary code via uploading a crafted PHP file...

CVE-2025-29412

A cross-site scripting XSS vulnerability in the Client Profile Update section of Mart Developers iBanking v2.0.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name parameter...

CVE-2025-29412

A cross-site scripting XSS vulnerability in the Client Profile Update section of Mart Developers iBanking v2.0.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name parameter...

CVE-2025-29412

The CVE-2025-29412 entry identifies an XSS vulnerability in the Client Profile Update section of Mart Developers iBanking v2.0.0. The issue arises from injected payloads in the Name parameter, enabling arbitrary web scripts or HTML execution. Affected component: iBanking v2.0.0, Client Profile Up...

Stable Diffusion web UI 安全漏洞

Stable Diffusion web UI is a web interface for AUTOMATIC1111 individual developers. A security vulnerability exists in the Stable Diffusion web UI that originates from a specially crafted request and could lead to a local file inclusion attack...

CVE-2025-29411

An arbitrary file upload vulnerability in the Client Profile Update section of Mart Developers iBanking v2.0.0 allows attackers to execute arbitrary code via uploading a crafted PHP file...

CVE-2025-29411

An arbitrary file upload vulnerability in the Client Profile Update section of Mart Developers iBanking v2.0.0 allows attackers to execute arbitrary code via uploading a crafted PHP file...

CVE-2025-29412

A cross-site scripting XSS vulnerability in the Client Profile Update section of Mart Developers iBanking v2.0.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name parameter...

CVE-2025-29411

CVE-2025-29411 affects Mart Developers iBanking v2.0.0. An arbitrary file upload in the Client Profile Update section enables attackers to upload a crafted PHP file and achieve remote code execution. The CVSS v3.1 base score is 9.8 (Critical) with network attack vector, no privileges required, us...

CVE-2025-29412

A cross-site scripting XSS vulnerability in the Client Profile Update section of Mart Developers iBanking v2.0.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name parameter...

yimioa 安全漏洞

yimioa CloudNet OA is a locally deployed OA software by rabbit individual developers. A security vulnerability exists in yimioa versions prior to v2024.07.04, which stems from an SQL injection in the listNameBySql method...

[SECURITY] Fedora 42 Update: python3.6-3.6.15-43.fc42

Python 3.6 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.6, see other distributions that support it, such as CentOS or RHEL with Software...

FreeBSD : electron33 -- multiple vulnerabilities (6ba9e26e-c9c6-49f7-ae43-47e5864f0b66)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 6ba9e26e-c9c6-49f7-ae43-47e5864f0b66 advisory. Electron develpers report: This update fixes the following vulnerabilities: Tenable has...

FreeBSD : electron{32,33} -- multiple vulnerabilities (f4f3e001-402b-4d6d-8efa-ab11fcf8de2b)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the f4f3e001-402b-4d6d-8efa-ab11fcf8de2b advisory. Electron developers report: This update fixes the following vulnerabilities: Tenable has...

Linux Distros Unpatched Vulnerability : CVE-2023-23931

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions Cipher.updateinto would accept Pyth...

mysiteforme SQL注入漏洞

mysiteforme is a privilege management system for wangl1989 individual developers. A security vulnerability exists in versions of mysiteforme prior to 2025.01.1, which stems from the presence of a SQL injection issue...

zz 安全漏洞

zz is an e-commerce platform for zj1983 individual developers. A security vulnerability exists in zz 2024-8 and prior versions that stems from improper authorization...

zz 代码问题漏洞

zz is an e-commerce platform for zj1983 individual developers. A security vulnerability exists in zz 2024-8 and earlier versions, which stems from a server-side request forgery in the importdatatodb file...