47 matches found
EUVD-2022-5085
Malicious code in bioql PyPI...
EUVD-2022-5224
Malicious code in bioql PyPI...
EUVD-2025-24985
Malicious code in bioql PyPI...
EUVD-2022-3418
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2019-17577
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Dolibarr 10.0.2. It has XSS via the outgoing email setup feature in the admin/mails.php?action=edit URI via the Email used for error...
Linux Distros Unpatched Vulnerability : CVE-2019-17578
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Dolibarr 10.0.2. It has XSS via the outgoing email setup feature in the admin/mails.php?action=edit URI via the Sender email for...
CVE-2025-41039 Stored Cross-Site Scripting vulnerability in appRain CMF
A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'datasconfigadminlandingpage', 'datasconfigcurrency', 'datasconfigdbversion', 'datasconfigdefaultpagination',...
CVE-2025-9009
A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Affected is an unknown function of the file /admin/emailsetup.php. The manipulation of the argument Name leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclose...
CVE-2025-9009
A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Affected is an unknown function of the file /admin/emailsetup.php. The manipulation of the argument Name leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclose...
CVE-2025-9009
A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Affected is an unknown function of the file /admin/emailsetup.php. The manipulation of the argument Name leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclose...
CVE-2025-9009 itsourcecode Online Tour and Travel Management System email_setup.php sql injection
A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Affected is an unknown function of the file /admin/emailsetup.php. The manipulation of the argument Name leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclose...
CVE-2025-9009 itsourcecode Online Tour and Travel Management System email_setup.php sql injection
A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Affected is an unknown function of the file /admin/emailsetup.php. The manipulation of the argument Name leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclose...
CVE-2025-9009
The CVE covers itsourcecode Online Tour and Travel Management System 1.0. Affected is an unknown function in /admin/email_setup.php where manipulating the Name argument triggers SQL injection. The issue allows remote exploitation and the exploit has been disclosed publicly. Connected sources cons...
itsourcecode Online Tour and Travel Management System 注入漏洞
itsourcecode Online Tour and Travel Management System is itsourcecode open source an online tour and travel management system . An injection vulnerability exists in version 1.0 of itsourcecode Online Tour and Travel Management System, which originates from a SQL injection due to incorrect...
CVE-2019-17577
An issue was discovered in Dolibarr 10.0.2. It has XSS via the "outgoing email setup" feature in the admin/mails.php?action=edit URI via the "Email used for error returns emails fields 'Errors-To' in emails sent" field...
CVE-2019-17576
An issue was discovered in Dolibarr 10.0.2. It has XSS via the "outgoing email setup" feature in the /admin/mails.php?action=edit URI via the "Send all emails to instead of real recipients, for test purposes" field...
CVE-2019-17578
An issue was discovered in Dolibarr 10.0.2. It has XSS via the "outgoing email setup" feature in the admin/mails.php?action=edit URI via the "Sender email for automatic emails default value in php.ini: Undefined" field...
CVE-2024-52508
Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. When a user is trying to set up a mail account with an email address like [email protected] that does not support auto configuration, and an attacker managed to register autoconfig.tld, the used email details would ...
CVE-2023-6765
A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been rated as critical. This issue affects the function prepare of the file emailsetup.php. The manipulation of the argument name leads to sql injection. The exploit has been disclosed to the public a...
Sql injection
A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been rated as critical. This issue affects the function prepare of the file emailsetup.php. The manipulation of the argument name leads to sql injection. The exploit has been disclosed to the public a...