69 matches found
CVE-2022-38080
Reflected cross-site scripting vulnerability in Exment PHP8 exceedone/exment v5.0.2 and earlier and exceedone/laravel-admin v3.0.0 and earlier, PHP7 exceedone/exment v4.4.2 and earlier and exceedone/laravel-admin v2.2.2 and earlier allows a remote authenticated attacker to inject an arbitrary...
CVE-2022-38089
Stored cross-site scripting vulnerability in Exment PHP8 exceedone/exment v5.0.2 and earlier and exceedone/laravel-admin v3.0.0 and earlier, PHP7 exceedone/exment v4.4.2 and earlier and exceedone/laravel-admin v2.2.2 and earlier allows a remote authenticated attacker to inject an arbitrary script...
CVE-2022-37333
SQL injection vulnerability in the Exment PHP8 exceedone/exment v5.0.2 and earlier and exceedone/laravel-admin v3.0.0 and earlier, PHP7 exceedone/exment v4.4.2 and earlier and exceedone/laravel-admin v2.2.2 and earlier allows remote authenticated attackers to execute arbitrary SQL commands...
EUVD-2020-26781
Malware in sbrugna...
EUVD-2020-26780
Malware in sbrugna...
EUVD-2022-6513
Malicious code in bioql PyPI...
EUVD-2022-6593
Malicious code in bioql PyPI...
EUVD-2024-42141
Malicious code in bioql PyPI...
EUVD-2022-40691
Malicious code in bioql PyPI...
EUVD-2024-42690
Malicious code in bioql PyPI...
CVE-2024-46897
Incorrect permission assignment for critical resource issue exists in Exment v6.1.4 and earlier and Exment v5.0.11 and earlier. A logged-in user with the permission of table management may obtain and/or alter the information of the unauthorized table...
CVE-2024-47793
Stored cross-site scripting vulnerability exists in Exment v6.1.4 and earlier and Exment v5.0.11 and earlier. When accessing the edit screen containing custom columns column type: images or files, an arbitrary script may be executed on the web browser of the user...
CVE-2020-5619
Cross-site scripting vulnerability in Exment prior to v3.6.0 allows remote authenticated attackers to inject arbitrary script or HTML via unspecified vectors...
CVE-2020-5620
Cross-site scripting vulnerability in Exment prior to v3.6.0 allows remote authenticated attackers to inject arbitrary script or HTML via a specially crafted file...
CVE-2024-47793
Stored cross-site scripting vulnerability exists in Exment v6.1.4 and earlier and Exment v5.0.11 and earlier. When accessing the edit screen containing custom columns column type: images or files, an arbitrary script may be executed on the web browser of the user...
CVE-2024-47793
Stored cross-site scripting vulnerability exists in Exment v6.1.4 and earlier and Exment v5.0.11 and earlier. When accessing the edit screen containing custom columns column type: images or files, an arbitrary script may be executed on the web browser of the user...
CVE-2024-46897
Incorrect permission assignment for critical resource issue exists in Exment v6.1.4 and earlier and Exment v5.0.11 and earlier. A logged-in user with the permission of table management may obtain and/or alter the information of the unauthorized table...
CVE-2024-46897
Incorrect permission assignment for critical resource issue exists in Exment v6.1.4 and earlier and Exment v5.0.11 and earlier. A logged-in user with the permission of table management may obtain and/or alter the information of the unauthorized table...
CVE-2024-47793
CVE-2024-47793 affects Exment v6.1.4 and earlier and v5.0.11 and earlier. The issue is a stored cross-site scripting (XSS) vulnerability that can execute arbitrary script in a user’s browser when accessing the edit screen containing custom columns (column type: images or files). The underlying ro...
CVE-2024-47793
Stored cross-site scripting vulnerability exists in Exment v6.1.4 and earlier and Exment v5.0.11 and earlier. When accessing the edit screen containing custom columns column type: images or files, an arbitrary script may be executed on the web browser of the user...