64 matches found
EUVD-2024-49076
Malicious code in bioql PyPI...
EUVD-2025-4491
Malicious code in bioql PyPI...
EUVD-2024-49839
Malicious code in bioql PyPI...
EUVD-2024-49075
Malicious code in bioql PyPI...
EUVD-2024-49077
Malicious code in bioql PyPI...
CVE-2024-48341
dingfanzu CMS V1.0 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/doAdminAction.php?act=addShop...
CVE-2024-48341
dingfanzu CMS V1.0 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/doAdminAction.php?act=addShop...
CVE-2024-48341
The CVE-2024-48341 entry concerns dingfanzu CMS V1.0, which has a Cross-Site Request Forgery (CSRF) flaw in the /admin/doAdminAction.php?act=addShop endpoint. The vulnerability is described with CVSSv3.1: AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N, base score 3.7 (LOW), indicating potential information ...
CVE-2024-48341
dingfanzu CMS V1.0 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/doAdminAction.php?act=addShop...
CVE-2024-9294
A vulnerability, which was classified as critical, has been found in dingfanzu CMS up to 29d67d9044f6f93378e6eb6ff92272217ff7225c. Affected by this issue is some unknown functionality of the file saveNewPwd.php. The manipulation of the argument username leads to sql injection. The attack may be...
CVE-2024-46485
dingfanzu CMS 1.0 was discovered to contain a Cross-Site Request Forgery CSRF via /admin/doAdminAction.php?act=addCate...
CVE-2024-46600
dingfanzu CMS 1.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/doAdminAction.php?act=delCate=31...
CVE-2024-48758
dingfanzu CMS V1.0 was discovered to contain a Cross-Site Request Forgery CSRF via the addPro parameter of the component doAdminAction.php which allows a remote attacker to execute arbitrary code...
CVE-2024-48291
dingfanzu CMS 1.0 was discovered to contain a Cross-Site Request Forgery CSRF via /admin/doAdminAction.php?act=editAdmin=17...
CVE-2024-8302
A vulnerability was found in dingfanzu CMS up to 29d67d9044f6f93378e6eb6ff92272217ff7225c. It has been rated as critical. Affected by this issue is some unknown functionality of the file /ajax/chpwd.php. The manipulation of the argument username leads to sql injection. The attack may be launched...
CVE-2024-8303
A vulnerability classified as critical has been found in dingfanzu CMS up to 29d67d9044f6f93378e6eb6ff92272217ff7225c. This affects an unknown part of the file /ajax/getBasicInfo.php. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely...
CVE-2024-50966
dingfanzu CMS V1.0 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/doAdminAction.php?act=addAdmin...
CVE-2025-1544
A vulnerability, which was classified as critical, was found in dingfanzu CMS up to 20250210. Affected is an unknown function of the file /ajax/loadShopInfo.php. The manipulation of the argument shopId leads to sql injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2025-1544
A vulnerability, which was classified as critical, was found in dingfanzu CMS up to 20250210. Affected is an unknown function of the file /ajax/loadShopInfo.php. The manipulation of the argument shopId leads to sql injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2025-1544 dingfanzu CMS loadShopInfo.php sql injection
A vulnerability, which was classified as critical, was found in dingfanzu CMS up to 20250210. Affected is an unknown function of the file /ajax/loadShopInfo.php. The manipulation of the argument shopId leads to sql injection. It is possible to launch the attack remotely. The exploit has been...