67 matches found
EUVD-2023-37677
Malicious code in bioql PyPI...
CVE-2023-33518
emoncms v11 and later was discovered to contain an information disclosure vulnerability which allows attackers to obtain the web directory path and other information leaked by the server via a crafted web request...
CVE-2021-26716
Modules/input/Views/schedule.php in Emoncms through 10.2.7 allows XSS via the node parameter...
CVE-2019-1010008
OpenEnergyMonitor Project Emoncms 9.8.8 is affected by: Cross Site Scripting XSS. The impact is: Theoretically low, but might potentially enable persistent XSS user could embed mal. code. The component is: Javascript code execution in "Name", "Location", "Bio" and "Starting Page" fields in the "M...
CVE-2025-22992
A SQL Injection vulnerability exists in the /feed/insert.json endpoint of the Emoncms project = 11.6.9. The vulnerability is caused by improper handling of user-supplied input in the data query parameter, allowing attackers to execute arbitrary SQL commands under specific conditions...
CVE-2025-22992
A SQL Injection vulnerability exists in the /feed/insert.json endpoint of the Emoncms project = 11.6.9. The vulnerability is caused by improper handling of user-supplied input in the data query parameter, allowing attackers to execute arbitrary SQL commands under specific conditions...
CVE-2025-22992
A SQL Injection vulnerability exists in the /feed/insert.json endpoint of the Emoncms project = 11.6.9. The vulnerability is caused by improper handling of user-supplied input in the data query parameter, allowing attackers to execute arbitrary SQL commands under specific conditions...
PT-2025-5852 · Emoncms · Emoncms
Name of the Vulnerable Software and Affected Versions: Emoncms versions 11.6.9 and later Description: A SQL Injection vulnerability exists due to improper handling of user-supplied input in the data query parameter. This allows attackers to execute arbitrary SQL commands under specific conditions...
CVE-2025-22992
CVE-2025-22992 affects Emoncms (version 11.6.9 and later) via SQL Injection in the /feed/insert.json endpoint. The vulnerability stems from improper handling of user-supplied input in the data query parameter, enabling attackers to execute arbitrary SQL commands under specific conditions. Reporte...
CVE-2025-22992
A SQL Injection vulnerability exists in the /feed/insert.json endpoint of the Emoncms project = 11.6.9. The vulnerability is caused by improper handling of user-supplied input in the data query parameter, allowing attackers to execute arbitrary SQL commands under specific conditions...
Emoncms security vulnerability
Emoncms is an open source web application from Emoncms Open Source. The program is primarily used to process, record and display energy, temperature and other environmental data. A security vulnerability exists in Emoncms version 11.6.9 and earlier, which stems from improper handling of...
CVE-2025-22992
A SQL Injection vulnerability exists in the /feed/insert.json endpoint of the Emoncms project = 11.6.9. The vulnerability is caused by improper handling of user-supplied input in the data query parameter, allowing attackers to execute arbitrary SQL commands under specific conditions...
CVE-2023-33518
emoncms v11 and later was discovered to contain an information disclosure vulnerability which allows attackers to obtain the web directory path and other information leaked by the server via a crafted web request...
CVE-2023-33518
emoncms v11 and later was discovered to contain an information disclosure vulnerability which allows attackers to obtain the web directory path and other information leaked by the server via a crafted web request...
Information disclosure
emoncms v11 and later was discovered to contain an information disclosure vulnerability which allows attackers to obtain the web directory path and other information leaked by the server via a crafted web request...
Emoncms security vulnerability
Emoncms is an open source web application. The program is primarily used to process, record and display energy, temperature and other environmental data. A security vulnerability exists in Emoncms v11 and earlier versions, which stems from the presence of an information disclosure vulnerability...
CVE-2023-33518
CVE-2023-33518 affects emoncms versions 11 and later, with an information disclosure flaw that lets an attacker obtain the server’s web directory path and other leaked information via a crafted web request. The root cause is described as an information disclosure issue in emoncms v11+. Multiple s...
CVE-2023-33518
emoncms v11 and later was discovered to contain an information disclosure vulnerability which allows attackers to obtain the web directory path and other information leaked by the server via a crafted web request...
PT-2023-24374 · Emoncms · Emoncms
Name of the Vulnerable Software and Affected Versions: emoncms versions 11 and later Description: The issue allows attackers to obtain the web directory path and other information leaked by the server via a crafted web request. This is an information disclosure vulnerability. Recommendations: For...
Cross-site Scripting (XSS) - DOM in emoncms/emoncms
Description EmonCMS 10.9.19 has a DOM-XSS vulnerability that is executed when javascript code is injected as imported data. Proof of Concept 1 - login into the app and browse to the section Feeds Import Data 2 - add alert1,a or 1638807909,alert2 in the CSV area. Then click on one of the empty fie...