23 matches found
EUVD-2025-31563
Malicious code in bioql PyPI...
EUVD-2025-24951
Malicious code in bioql PyPI...
CVE-2025-10343
HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST request in the parameter 'expensename' at the endpoint '/expenses/expense'...
CVE-2025-10343
HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST request in the parameter 'expensename' at the endpoint '/expenses/expense'...
CVE-2025-10343
HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST request in the parameter 'expensename' at the endpoint '/expenses/expense'...
CVE-2025-10343 HTML injection in Perfex CRM
HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST request in the parameter 'expensename' at the endpoint '/expenses/expense'...
CVE-2025-10343
CVE-2025-10343 describes a stored HTML injection in Perfex CRM v3.2.1 caused by insufficient validation of user input. An attacker can inject HTML by sending a POST request to the /expenses/expense endpoint, with the malicious content in the expense_name parameter. The connected sources confirm P...
CVE-2025-10343 HTML injection in Perfex CRM
HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST request in the parameter 'expensename' at the endpoint '/expenses/expense'...
PT-2025-39816
Name of the Vulnerable Software and Affected Versions Perfex CRM version 3.2.1 Description An HTML injection issue exists in Perfex CRM version 3.2.1. The issue is due to insufficient validation of user-supplied data. An attacker can inject HTML code by sending a POST request to the...
Perfex CRM 跨站脚本漏洞
Perfex CRM is a customer relationship management software from Perfex CRM open source. It is used to manage customers, projects and create invoices in the cloud. A cross-site scripting vulnerability exists in Perfex CRM version 3.2.1, which stems from insufficient validation of user input for the...
CVE-2025-8984
A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Affected is an unknown function of the file /admin/operations/expensecategory.php. The manipulation of the argument expensename leads to sql injection. It is possible to launch the attack remotely. The...
CVE-2025-8984
A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Affected is an unknown function of the file /admin/operations/expensecategory.php. The manipulation of the argument expensename leads to sql injection. It is possible to launch the attack remotely. The...
CVE-2025-8984
A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Affected is an unknown function of the file /admin/operations/expensecategory.php. The manipulation of the argument expensename leads to sql injection. It is possible to launch the attack remotely. The...
CVE-2025-8984 itsourcecode Online Tour and Travel Management System expense_category.php sql injection
A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Affected is an unknown function of the file /admin/operations/expensecategory.php. The manipulation of the argument expensename leads to sql injection. It is possible to launch the attack remotely. The...
CVE-2025-8984 itsourcecode Online Tour and Travel Management System expense_category.php sql injection
A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Affected is an unknown function of the file /admin/operations/expensecategory.php. The manipulation of the argument expensename leads to sql injection. It is possible to launch the attack remotely. The...
CVE-2025-8984
CVE-2025-8984 affects itsourcecode Online Tour and Travel Management System 1.0. The vulnerability is in an unknown function within /admin/operations/expense_category.php, where manipulating the expense_name argument leads to SQL injection. It can be exploited remotely, and public exploits have b...
PT-2025-33415 · Itsourcecode · Itsourcecode Online Tour/Travel Management System
Name of the Vulnerable Software and Affected Versions: itsourcecode Online Tour and Travel Management System version 1.0 Description: A SQL injection issue exists in itsourcecode Online Tour and Travel Management System 1.0. The vulnerability is located in an unknown function within the...
itsourcecode Online Tour and Travel Management System 注入漏洞
itsourcecode Online Tour and Travel Management System is a itsourcecode open source online tour and travel management system. An injection vulnerability exists in itsourcecode Online Tour and Travel Management System version 1.0, which is caused by incorrect manipulation of the parameter...
Sentrifugo CMS 3.2 Cross Site Scripting
Document Title: =============== Sentrifugo v3.2 CMS - Persistent XSS Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2229 Release Date: ============= 2020-05-05 Vulnerability Laboratory ID VL-ID: ==================================== 22...
Sentrifugo v3.2 CMS - Persistent XSS Web Vulnerability
Document Title: =============== Sentrifugo v3.2 CMS - Persistent XSS Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2229 Release Date: ============= 2020-05-04 Vulnerability Laboratory ID VL-ID: ==================================== 22...