EUVD-2024-16914

Malicious code in bioql PyPI...

CVE-2024-1146

Cross-Site Scripting vulnerability in Devklan's Alma Blog that affects versions 2.1.10 and earlier. This vulnerability could allow an attacker to store a malicious JavaScript payload within the application by adding the payload to 'Community Description' or 'Community Rules'...

CVE-2024-1145

User enumeration vulnerability in Devklan's Alma Blog that affects versions 2.1.10 and earlier. This vulnerability could allow a remote user to retrieve all valid users registered in the application just by looking at the request response...

CVE-2024-1145

User enumeration vulnerability in Devklan's Alma Blog that affects versions 2.1.10 and earlier. This vulnerability could allow a remote user to retrieve all valid users registered in the application just by looking at the request response...

CVE-2024-1144

Improper access control vulnerability in Devklan's Alma Blog that affects versions 2.1.10 and earlier. This vulnerability could allow an unauthenticated user to access the application's functionalities without the need for credentials...

CVE-2024-1146

CVE-2024-1146 concerns Devklan’s Alma Blog. Affected: versions ≤ 2.1.10. Vulnerability: cross-site scripting via storing a malicious JavaScript payload in the application by adding content to the public-facing fields Community Description or Community Rules . Impact: could enable execution of inj...

CVE-2024-1146 Cross-site Scripting at Alma Devklan Blog

Cross-Site Scripting vulnerability in Devklan's Alma Blog that affects versions 2.1.10 and earlier. This vulnerability could allow an attacker to store a malicious JavaScript payload within the application by adding the payload to 'Community Description' or 'Community Rules'...

CVE-2024-1146 Cross-site Scripting at Alma Devklan Blog

Cross-Site Scripting vulnerability in Devklan's Alma Blog that affects versions 2.1.10 and earlier. This vulnerability could allow an attacker to store a malicious JavaScript payload within the application by adding the payload to 'Community Description' or 'Community Rules'...

CVE-2024-1145

The CVE-2024-1145 entry concerns Devklan’s Alma Blog (versions 2.1.10 and earlier) with a user-enumeration vulnerability. The affected component is the user-facing response handling that allows a remote attacker to discover valid user accounts by inspecting request responses. Impact is informatio...

CVE-2024-1144

CVE-2024-1144 refers to an improper access control vulnerability in Devklan’s Alma Blog, affecting versions 2.1.10 and earlier. An unauthenticated user could access certain functionalities without credentials. Public sources confirm the affected software and versions; the incident is not describe...

CVE-2024-1144 Improper Access Control at Alma Devklan Blog

Improper access control vulnerability in Devklan's Alma Blog that affects versions 2.1.10 and earlier. This vulnerability could allow an unauthenticated user to access the application's functionalities without the need for credentials...