CVE-2022-31366

An arbitrary file upload vulnerability in the apiImportLabs function in apilabs.php of EVE-NG 2.0.3-112 Community allows attackers to execute arbitrary code via a crafted UNL file...

CVE-2025-67442

EVE-NG 6.4.0-13-PRO is vulnerable to Directory Traversal. The /api/export interface allows authenticated users to export lab files. This interface lacks effective input validation and filtering when processing file path parameters submitted by users...

CVE-2025-67442

EVE-NG 6.4.0-13-PRO is vulnerable to Directory Traversal. The /api/export interface allows authenticated users to export lab files. This interface lacks effective input validation and filtering when processing file path parameters submitted by users...

PT-2025-52459

Name of the Vulnerable Software and Affected Versions EVE-NG version 6.4.0-13-PRO Description The software contains a directory traversal issue in the /api/export interface. This interface, used by authenticated users to export lab files, does not properly validate or filter user-supplied file pa...

CVE-2025-67442

EVE-NG 6.4.0-13-PRO is vulnerable to Directory Traversal. The /api/export interface allows authenticated users to export lab files. This interface lacks effective input validation and filtering when processing file path parameters submitted by users...

EUVD-2025-204572

EVE-NG 6.4.0-13-PRO is vulnerable to Directory Traversal. The /api/export interface allows authenticated users to export lab files. This interface lacks effective input validation and filtering when processing file path parameters submitted by users...

CVE-2025-67442

EVE-NG 6.4.0-13-PRO is vulnerable to Directory Traversal. The /api/export interface allows authenticated users to export lab files. This interface lacks effective input validation and filtering when processing file path parameters submitted by users...

EUVD-2022-52897

Malicious code in bioql PyPI...

EUVD-2024-27343

Malicious code in bioql PyPI...

EUVD-2022-32391

Malicious code in bioql PyPI...

CVE-2024-2391

A vulnerability was found in EVE-NG 5.0.1-13 and classified as problematic. Affected by this issue is some unknown functionality of the component Lab Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may ...

CVE-2022-27903

An OS Command Injection vulnerability in the configuration parser of Eve-NG Professional through 4.0.1-65 and Eve-NG Community through 2.0.3-112 allows a remote authenticated attacker to execute commands as root by editing virtualization command parameters of imported UNL files...

CVE-2024-2391

A vulnerability was found in EVE-NG 5.0.1-13 and classified as problematic. Affected by this issue is some unknown functionality of the component Lab Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may ...

CVE-2024-2391

A vulnerability was found in EVE-NG 5.0.1-13 and classified as problematic. Affected by this issue is some unknown functionality of the component Lab Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may ...

CVE-2024-2391 EVE-NG Lab cross site scripting

A vulnerability was found in EVE-NG 5.0.1-13 and classified as problematic. Affected by this issue is some unknown functionality of the component Lab Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may ...

CVE-2024-2391 EVE-NG Lab cross site scripting

A vulnerability was found in EVE-NG 5.0.1-13 and classified as problematic. Affected by this issue is some unknown functionality of the component Lab Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may ...

CVE-2024-2391

Summary: CVE-2024-2391 affects EVE-NG 5.0.1-13, specifically the Lab Handler component, where improper protection of the web page structure enables cross-site scripting. The issue can be exploited remotely, and public exploits/mentions exist (VDB-256442). Root cause: manipulation of an unknown La...

EVE-NG Cross-Site Scripting Vulnerability

EVE-NG is a clientless multi-vendor network emulation software from EVE-NG, Inc. A cross-site scripting vulnerability exists in EVE-NG version 5.0.1-13, which stems from the component Lab Handler that causes cross-site scripting...

Eve-ng 5.0.1-13 - Stored Cross-Site Scripting Vulnerability

Exploit Title: Eve-ng 5.0.1-13 - Stored Cross-Site Scripting XSS Exploit Author: @casp3r0x0 hassan ali al-khafaji Vendor Homepage: https://www.eve-ng.net/ Software Link: https://www.eve-ng.net/index.php/download/ Version: Free EVE Community Edition Version 5.0.1-13 Tested on: Free EVE Community...

Eve-ng 5.0.1-13 - Stored Cross-Site Scripting (XSS)

Exploit Title: Eve-ng 5.0.1-13 - Stored Cross-Site Scripting XSS Google Dork: N/A Date: 12/6/2022 Exploit Author: @casp3r0x0 hassan ali al-khafaji Vendor Homepage: https://www.eve-ng.net/ Software Link: https://www.eve-ng.net/index.php/download/ Version: Free EVE Community Edition Version 5.0.1-1...