52 matches found
EUVD-2018-10146
Malware in sbrugna...
CVE-2025-40989
Stored Cross Site Scripting vulnerability in Ekushey CRM v5.0 by Creativeitem, due to lack of proper validation of user inputs via the "/ekushey/index.php/client/projectmessage/add/xxx", affecting to "message" parameter via POST. This vulnerability could allow a remote attacker to send a speciall...
EUVD-2023-44389
Malicious code in bioql PyPI...
EUVD-2025-32105
Malicious code in bioql PyPI...
EUVD-2025-32104
Malicious code in bioql PyPI...
EUVD-2025-32102
Malicious code in bioql PyPI...
CVE-2025-40990
Stored Cross Site Scripting vulnerability in Ekushey CRM v5.0 by Creativeitem, due to lack of proper validation of user inputs via the "/ekushey/index.php/client/projectbug/create/xxx", affecting to "title" and "description" parameters via POST. This vulnerability could allow a remote attacker to...
CVE-2025-40991
Stored Cross Site Scripting vulnerability in Ekushey CRM v5.0 by Creativeitem, due to lack of proper validation of user inputs via the "/ekushey/index.php/client/projectfile/upload/xxxx", affecting to "description" parameter via POST. This vulnerability could allow a remote attacker to send a...
CVE-2025-40991
Stored Cross Site Scripting vulnerability in Ekushey CRM v5.0 by Creativeitem, due to lack of proper validation of user inputs via the "/ekushey/index.php/client/projectfile/upload/xxxx", affecting to "description" parameter via POST. This vulnerability could allow a remote attacker to send a...
CVE-2025-40990
Stored Cross Site Scripting vulnerability in Ekushey CRM v5.0 by Creativeitem, due to lack of proper validation of user inputs via the "/ekushey/index.php/client/projectbug/create/xxx", affecting to "title" and "description" parameters via POST. This vulnerability could allow a remote attacker to...
CVE-2025-40990
Stored Cross Site Scripting vulnerability in Ekushey CRM v5.0 by Creativeitem, due to lack of proper validation of user inputs via the "/ekushey/index.php/client/projectbug/create/xxx", affecting to "title" and "description" parameters via POST. This vulnerability could allow a remote attacker to...
CVE-2025-40991
Stored Cross Site Scripting vulnerability in Ekushey CRM v5.0 by Creativeitem, due to lack of proper validation of user inputs via the "/ekushey/index.php/client/projectfile/upload/xxxx", affecting to "description" parameter via POST. This vulnerability could allow a remote attacker to send a...
CVE-2025-40989
Stored Cross Site Scripting vulnerability in Ekushey CRM v5.0 by Creativeitem, due to lack of proper validation of user inputs via the "/ekushey/index.php/client/projectmessage/add/xxx", affecting to "message" parameter via POST. This vulnerability could allow a remote attacker to send a speciall...
CVE-2025-40989
Stored Cross Site Scripting vulnerability in Ekushey CRM v5.0 by Creativeitem, due to lack of proper validation of user inputs via the "/ekushey/index.php/client/projectmessage/add/xxx", affecting to "message" parameter via POST. This vulnerability could allow a remote attacker to send a speciall...
CVE-2025-40991 Stored XSS in Creativeitem Ekushey CRM
Stored Cross Site Scripting vulnerability in Ekushey CRM v5.0 by Creativeitem, due to lack of proper validation of user inputs via the "/ekushey/index.php/client/projectfile/upload/xxxx", affecting to "description" parameter via POST. This vulnerability could allow a remote attacker to send a...
CVE-2025-40991 Stored XSS in Creativeitem Ekushey CRM
Stored Cross Site Scripting vulnerability in Ekushey CRM v5.0 by Creativeitem, due to lack of proper validation of user inputs via the "/ekushey/index.php/client/projectfile/upload/xxxx", affecting to "description" parameter via POST. This vulnerability could allow a remote attacker to send a...
CVE-2025-40991
CVE-2025-40991 is a Stored XSS in Creativeitem Ekushey CRM v5.0. Root cause: lack of input validation in the project file upload endpoint at /ekushey/index.php/client/project_file/upload/xxxx, specifically the description parameter via POST. Impact (per sources): an attacker could craft input to ...
CVE-2025-40990
CVE-2025-40990 describes a Stored Cross Site Scripting vulnerability in Ekushey CRM v5.0 (Creativeitem) caused by insufficient validation of user inputs in the POST endpoint /ekushey/index.php/client/project_bug/create/xxx, where the vulnerable parameters are title and description. The weakness c...
CVE-2025-40990 Stored XSS in Creativeitem Ekushey CRM
Stored Cross Site Scripting vulnerability in Ekushey CRM v5.0 by Creativeitem, due to lack of proper validation of user inputs via the "/ekushey/index.php/client/projectbug/create/xxx", affecting to "title" and "description" parameters via POST. This vulnerability could allow a remote attacker to...
CVE-2025-40990 Stored XSS in Creativeitem Ekushey CRM
Stored Cross Site Scripting vulnerability in Ekushey CRM v5.0 by Creativeitem, due to lack of proper validation of user inputs via the "/ekushey/index.php/client/projectbug/create/xxx", affecting to "title" and "description" parameters via POST. This vulnerability could allow a remote attacker to...