968 matches found
GHSA-XGR2-5837-HF48 NovoSGA: Manipulation of User Creation Page can lead to weak password requirements
A flaw has been found in Mangati NovoSGA up to 2.2.12. The impacted element is an unknown function of the file /novosga.users/new of the component User Creation Page. Executing manipulation of the argument Senha/Confirmação da senha can lead to weak password requirements. The attack can be launch...
CVE-2025-11322
A flaw has been found in Mangati NovoSGA up to 2.2.12. The impacted element is an unknown function of the file /novosga.users/new of the component User Creation Page. Executing manipulation of the argument Senha/Confirmação da senha can lead to weak password requirements. The attack can be launch...
EUVD-2025-32490
A flaw has been found in Mangati NovoSGA up to 2.2.12. The impacted element is an unknown function of the file /novosga.users/new of the component User Creation Page. Executing manipulation of the argument Senha/Confirmação da senha can lead to weak password requirements. The attack can be launch...
CVE-2025-11322
CVE-2025-11322 affects Mangati NovoSGA up to version 2.2.12, where the vulnerability exists in the User Creation Page (file /novosga.users/new). Manipulating the password confirmation field Senha/Confirmação da senha enables weak password requirements and can be exploited remotely. The exploitati...
CVE-2025-11322 Mangati NovoSGA User Creation new weak password
A flaw has been found in Mangati NovoSGA up to 2.2.12. The impacted element is an unknown function of the file /novosga.users/new of the component User Creation Page. Executing manipulation of the argument Senha/Confirmação da senha can lead to weak password requirements. The attack can be launch...
CVE-2025-11313
A flaw has been found in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. This impacts the function findRolePage of the file findRolePage.do. This manipulation of the argument sort causes sql injection. The attack may be initiated remotely. The exploit has been published and may...
EUVD-2025-32482
A flaw has been found in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. This impacts the function findRolePage of the file findRolePage.do. This manipulation of the argument sort causes sql injection. The attack may be initiated remotely. The exploit has been published and may...
CVE-2025-11313 Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 findRolePage.do findRolePage sql injection
A flaw has been found in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. This impacts the function findRolePage of the file findRolePage.do. This manipulation of the argument sort causes sql injection. The attack may be initiated remotely. The exploit has been published and may...
PT-2025-40838
Name of the Vulnerable Software and Affected Versions Tipray Data Leakage Prevention System version 1.0 Description A flaw exists in Tipray Data Leakage Prevention System that allows for SQL injection. The issue is located in the findRolePage.do file and specifically affects the findRolePage...
CVE-2025-11304
A flaw has been found in CodeCanyon/ui-lib Mentor LMS up to 1.1.1. Affected by this vulnerability is an unknown functionality of the component API. Executing manipulation can lead to permissive cross-domain policy with untrusted domains. The attack may be launched remotely. The exploit has been...
EUVD-2025-32460
A flaw has been found in Belkin F9K1015 1.00.10. This affects an unknown part of the file /goform/formPPPoESetup. This manipulation of the argument pppUserName causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been published and may be used. The vendor was...
EUVD-2025-32446
A flaw has been found in Frappe LMS 2.35.0. Impacted is an unknown function of the file /files/ of the component Assignment Picture Handler. This manipulation causes direct request. The attack may be initiated remotely. The attack's complexity is rated as high. The exploitability is considered...
CVE-2025-11280
The CVE-2025-11280 vulnerability affects Frappe LMS 2.35.0, in the Assignment Picture Handler component’s /files/ area. It enables a remote, high-complexity manipulation of a direct request, with exploitability rated as difficult and the exploit published. Upgrade the affected component as remedi...
EUVD-2025-25774
Malicious code in bioql PyPI...
EUVD-2025-30371
Malicious code in bioql PyPI...
EUVD-2025-31452
Malicious code in bioql PyPI...
EUVD-2025-25653
Malicious code in bioql PyPI...
EUVD-2025-29355
Malicious code in bioql PyPI...
EUVD-2025-30443
Malicious code in bioql PyPI...
EUVD-2025-27624
Malicious code in bioql PyPI...