61 matches found
e-SIC Livre 安全漏洞
e-SIC Livre is an open-source citizen information request system developed by esiclivre. Versions of e-SIC Livre prior to 0.2.2 contained security vulnerabilities. These vulnerabilities stemmed from improper handling of the cpfcnpj parameter in the Solicitante::resetaSenha function, which could...
EUVD-2017-6827
Malware in sbrugna...
EUVD-2017-6834
Malware in sbrugna...
EUVD-2017-6831
Malware in sbrugna...
EUVD-2017-6833
Malware in sbrugna...
EUVD-2017-6832
Malware in sbrugna...
EUVD-2024-21772
Malicious code in bioql PyPI...
CVE-2024-24350
File Upload vulnerability in Software Publico e-Sic Livre v.2.0 and before allows a remote attacker to execute arbitrary code via the extension filtering component...
CVE-2017-15373
E-Sic 1.0 allows SQL injection via the q parameter to esiclivre/restrito/inc/lkpcep.php aka the search private area...
CVE-2024-24350
File Upload vulnerability in Software Publico e-Sic Livre v.2.0 and before allows a remote attacker to execute arbitrary code via the extension filtering component...
CVE-2024-24350
File Upload vulnerability in Software Publico e-Sic Livre v.2.0 and before allows a remote attacker to execute arbitrary code via the extension filtering component...
Unrestricted file upload
File Upload vulnerability in Software Publico e-Sic Livre v.2.0 and before allows a remote attacker to execute arbitrary code via the extension filtering component...
CVE-2024-24350
CVE-2024-24350 corresponds to a file upload vulnerability in Software Publico e-Sic Livre, affecting version 2.0 and earlier. The issue arises from the extension filtering component, enabling a remote attacker to upload crafted payloads that may lead to arbitrary code execution. The NVD/Red Hat a...
CVE-2024-24350
File Upload vulnerability in Software Publico e-Sic Livre v.2.0 and before allows a remote attacker to execute arbitrary code via the extension filtering component...
Software Publico e-Sic Livre Code Issue Vulnerability
Software Publico e-Sic Livre is a solution from the Brazilian company Software Publico designed to manage public services based on Q&A. A code issue vulnerability exists in Software Publico e-Sic Livre v.2.0 and prior versions, which stems from the presence of a file upload vulnerability that cou...
PT-2024-20371 · Software Publico · E-Sic Livre
Name of the Vulnerable Software and Affected Versions: Software Publico e-Sic Livre versions 2.0 and earlier Description: The issue allows a remote attacker to execute arbitrary code via the extension filtering component. This is a result of a File Upload vulnerability. Recommendations: For...
E-Sic SQL Injection Vulnerability (CNVD-2018-10474)
E-Sic is a Brazilian electronic system for citizen information. A SQL injection vulnerability exists in E-Sic version 1.0. A remote attacker can exploit this vulnerability by sending the 'f' parameter to the esiclivre/restrito/inc/buscacep.php file to execute arbitrary SQL commands...
E-Sic SQL Injection Vulnerability (CNVD-2018-10603)
E-Sic is a Brazilian electronic system for citizen information. A SQL injection vulnerability exists in E-Sic version 1.0. A remote attacker could exploit this vulnerability to execute arbitrary SQL commands...
E-Sic Cross-Site Scripting Vulnerability
E-Sic is a Brazilian electronic system for citizen information. A cross-site scripting vulnerability exists in E-Sic version 1.0. A remote attacker could exploit this vulnerability by injecting arbitrary Web script or HTML with the 'nome' parameter...
E-Sic Authentication Bypass Vulnerability
E-Sic is a Brazilian electronic system for citizen information. An authentication bypass vulnerability exists in the /index aka login URI in E-Sic version 1.0. An attacker can exploit this vulnerability to bypass authentication and gain access to the panel with the 'username' and 'password'...