e-SIC Livre 安全漏洞

e-SIC Livre is an open-source citizen information request system developed by esiclivre. Versions of e-SIC Livre prior to 0.2.2 contained security vulnerabilities. These vulnerabilities stemmed from improper handling of the cpfcnpj parameter in the Solicitante::resetaSenha function, which could...

EUVD-2017-6827

Malware in sbrugna...

EUVD-2017-6831

Malware in sbrugna...

EUVD-2017-6832

Malware in sbrugna...

EUVD-2017-6833

Malware in sbrugna...

EUVD-2017-6834

Malware in sbrugna...

EUVD-2024-21772

Malicious code in bioql PyPI...

CVE-2024-24350

File Upload vulnerability in Software Publico e-Sic Livre v.2.0 and before allows a remote attacker to execute arbitrary code via the extension filtering component...

CVE-2017-15373

E-Sic 1.0 allows SQL injection via the q parameter to esiclivre/restrito/inc/lkpcep.php aka the search private area...

CVE-2024-24350

File Upload vulnerability in Software Publico e-Sic Livre v.2.0 and before allows a remote attacker to execute arbitrary code via the extension filtering component...

CVE-2024-24350

File Upload vulnerability in Software Publico e-Sic Livre v.2.0 and before allows a remote attacker to execute arbitrary code via the extension filtering component...

Unrestricted file upload

File Upload vulnerability in Software Publico e-Sic Livre v.2.0 and before allows a remote attacker to execute arbitrary code via the extension filtering component...

CVE-2024-24350

File Upload vulnerability in Software Publico e-Sic Livre v.2.0 and before allows a remote attacker to execute arbitrary code via the extension filtering component...

Software Publico e-Sic Livre Code Issue Vulnerability

Software Publico e-Sic Livre is a solution from the Brazilian company Software Publico designed to manage public services based on Q&A. A code issue vulnerability exists in Software Publico e-Sic Livre v.2.0 and prior versions, which stems from the presence of a file upload vulnerability that cou...

CVE-2024-24350

CVE-2024-24350 corresponds to a file upload vulnerability in Software Publico e-Sic Livre, affecting version 2.0 and earlier. The issue arises from the extension filtering component, enabling a remote attacker to upload crafted payloads that may lead to arbitrary code execution. The NVD/Red Hat a...

PT-2024-20371 · Software Publico · E-Sic Livre

Name of the Vulnerable Software and Affected Versions: Software Publico e-Sic Livre versions 2.0 and earlier Description: The issue allows a remote attacker to execute arbitrary code via the extension filtering component. This is a result of a File Upload vulnerability. Recommendations: For...

E-Sic Cross-Site Scripting Vulnerability

E-Sic is a Brazilian electronic system for citizen information. A cross-site scripting vulnerability exists in E-Sic version 1.0. A remote attacker could exploit this vulnerability by injecting arbitrary Web script or HTML with the 'nome' parameter...

E-Sic Authentication Bypass Vulnerability

E-Sic is a Brazilian electronic system for citizen information. An authentication bypass vulnerability exists in the /index aka login URI in E-Sic version 1.0. An attacker can exploit this vulnerability to bypass authentication and gain access to the panel with the 'username' and 'password'...

E-Sic SQL Injection Vulnerability (CNVD-2018-10603)

E-Sic is a Brazilian electronic system for citizen information. A SQL injection vulnerability exists in E-Sic version 1.0. A remote attacker could exploit this vulnerability to execute arbitrary SQL commands...

E-Sic SQL Injection Vulnerability (CNVD-2018-10474)

E-Sic is a Brazilian electronic system for citizen information. A SQL injection vulnerability exists in E-Sic version 1.0. A remote attacker can exploit this vulnerability by sending the 'f' parameter to the esiclivre/restrito/inc/buscacep.php file to execute arbitrary SQL commands...