70 matches found
EUVD-2024-39746
Malicious code in bioql PyPI...
EUVD-2025-32155
Malicious code in bioql PyPI...
CVE-2025-10386
A vulnerability was found in Yida ECMS Consulting Enterprise Management System 1.0. This affects an unknown part of the file /login.do of the component POST Request Handler. The manipulation of the argument requestUrl results in cross site scripting. It is possible to launch the attack remotely...
CVE-2025-10386 Yida ECMS Consulting Enterprise Management System POST Request login.do cross site scripting
A vulnerability was found in Yida ECMS Consulting Enterprise Management System 1.0. This affects an unknown part of the file /login.do of the component POST Request Handler. The manipulation of the argument requestUrl results in cross site scripting. It is possible to launch the attack remotely...
CVE-2025-10386 Yida ECMS Consulting Enterprise Management System POST Request login.do cross site scripting
A vulnerability was found in Yida ECMS Consulting Enterprise Management System 1.0. This affects an unknown part of the file /login.do of the component POST Request Handler. The manipulation of the argument requestUrl results in cross site scripting. It is possible to launch the attack remotely...
Rebuild 安全漏洞
Rebuild is a highly customizable enterprise management system from getrebuild open source. A security vulnerability exists in Rebuild version 4.0.4, which stems from a flaw in the filtering code of the RebuildWebInterceptor class that could lead to information disclosure or elevation of privilege...
CVE-2024-42678
Cross Site Scripting vulnerability in Super easy enterprise management system v.1.0.0 and before allows a local attacker to execute arbitrary code via a crafted script to the /WebSet/DlgGridSet.html component...
CVE-2024-42680
An issue in Super easy enterprise management system v.1.0.0 and before allows a local attacker to obtain the server absolute path by entering a single quotation mark...
CVE-2024-42679
SQL Injection vulnerability in Super easy enterprise management system v.1.0.0 and before allows a local attacker to execute arbitrary code via a crafted script to the/ajax/Login.ashx component...
CVE-2024-44761
An issue in EQ Enterprise Management System before v2.0.0 allows attackers to execute a directory traversal via crafted requests...
CVE-2021-26832
Cross Site Scripting XSS in the "Reset Password" page form of Priority Enterprise Management System v8.00 allows attackers to execute javascript on behalf of the victim by sending a malicious URL or directing the victim to a malicious site...
CVE-2024-44760
Incorrect access control in the component /servlet/SnoopServlet of Shenzhou News Union Enterprise Management System v5.0 through v18.8 allows attackers to access sensitive information regarding the server...
CVE-2024-44761
An issue in EQ Enterprise Management System before v2.0.0 allows attackers to execute a directory traversal via crafted requests...
CVE-2024-44761
CVE-2024-44761 affects EQ Enterprise Management System prior to v2.0.0 and allows directory traversal via crafted requests. The root cause is not explicitly detailed in the provided content, but multiple sources confirm a traversal vulnerability impacting versions before 2.0.0. Reported impact is...
EQ Enterprise Management System 安全漏洞
EQ Enterprise Management System is an enterprise management system from China-based EQ. A security vulnerability exists in EQ Enterprise Management System version v2.0.0. An attacker performs directory traversal via a crafted request...
PT-2024-31240 · Unknown · Eq Enterprise Management System
Name of the Vulnerable Software and Affected Versions: EQ Enterprise Management System versions prior to v2.0.0 Description: An issue in EQ Enterprise Management System allows attackers to execute a directory traversal via crafted requests. This issue affects versions prior to v2.0.0...
PT-2024-31239 · Unknown · Shenzhou News Union Enterprise Management System
Name of the Vulnerable Software and Affected Versions: Shenzhou News Union Enterprise Management System versions 5.0 through 18.8 Description: The issue is related to incorrect access control in the component /servlet/SnoopServlet, allowing attackers to access sensitive information regarding the...
CVE-2024-44760
Incorrect access control in the component /servlet/SnoopServlet of Shenzhou News Union Enterprise Management System v5.0 through v18.8 allows attackers to access sensitive information regarding the server...
SQL Injection Vulnerability in ezEIP of Guangzhou Wando Network Technology Co.
ezEIP is an enterprise management system. Ltd. ezEIP suffers from a SQL injection vulnerability that can be exploited by attackers to obtain sensitive information from the database...
CVE-2024-42680
An issue in Super easy enterprise management system v.1.0.0 and before allows a local attacker to obtain the server absolute path by entering a single quotation mark...