EUVD-2021-29040

Malicious code in bioql PyPI...

CVE-2025-0984

Unrestricted Upload of File with Dangerous Type, Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Netoloji Software E-Flow allows Accessing Functionality Not Properly Constrained by ACLs, Stored XSS, File Content Injection.This issue affec...

CVE-2025-0984 Arbitrary File Upload in Netoloji Software's E-Flow

Unrestricted Upload of File with Dangerous Type, Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Netoloji Software E-Flow allows Accessing Functionality Not Properly Constrained by ACLs, Stored XSS, File Content Injection.This issue affec...

CVE-2025-0984 Arbitrary File Upload in Netoloji Software's E-Flow

Unrestricted Upload of File with Dangerous Type, Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Netoloji Software E-Flow allows Accessing Functionality Not Properly Constrained by ACLs, Stored XSS, File Content Injection.This issue affec...

PT-2025-19873 · Netoloji · Netoloji Software E-Flow

Name of the Vulnerable Software and Affected Versions: Netoloji Software E-Flow versions prior to 3.23.00 Description: The issue affects Netoloji Software E-Flow, allowing unrestricted upload of files with dangerous types and improper neutralization of input during web page generation, which can...

Netoloji E-Flow 代码问题漏洞

Netoloji E-Flow is an application from the Turkish company Netoloji. A code issue vulnerability exists in Netoloji E-Flow versions prior to 3.23.00, which stems from an unrestricted upload of dangerous types of files and improper input neutralization during web page generation, which could lead t...

CVE-2021-42052

IPESA e-Flow 3.3.6 allows path traversal for reading any file within the web root directory via the lib/js/build/STEResource.res path and the R query parameter...

CVE-2021-42052

IPESA e-Flow 3.3.6 allows path traversal for reading any file within the web root directory via the lib/js/build/STEResource.res path and the R query parameter...

Path traversal

IPESA e-Flow 3.3.6 allows path traversal for reading any file within the web root directory via the lib/js/build/STEResource.res path and the R query parameter...

CVE-2021-42052

IPESA e-Flow 3.3.6 allows path traversal for reading any file within the web root directory via the lib/js/build/STEResource.res path and the R query parameter...

CVE-2021-42052

CVE-2021-42052 affects IPESA e-Flow 3.3.6. The vulnerability is a path traversal that allows reading any file within the web root via the lib/js/build/STEResource.res path and the R query parameter. It is documented with a high CVSS score (7.5, HIGH) and network attack vector with no privileges r...

IPESA e-Flow 路径遍历漏洞

IPESA e-Flow is a comprehensive solution from IPESA designed to improve the customer experience. A security vulnerability exists in IPESA e-Flow version 3.3.6 that stems from allowing path traversal to read any file in the web root directory...