5 matches found
EUVD-2023-41856
Malicious code in bioql PyPI...
EUVD-2023-28826
Malicious code in bioql PyPI...
CVE-2023-48376
SmartStar Software CWS is a web-based integration platform, its file uploading function does not restrict upload of file with dangerous type. An unauthenticated remote attacker can exploit this vulnerability to upload arbitrary files to perform arbitrary command or disrupt service...
PT-2023-27916 · Rogic · Rogic No-Code Database Builder
Name of the Vulnerable Software and Affected Versions: Rogic No-Code Database Builder affected versions not specified Description: The issue concerns the file uploading function in Rogic No-Code Database Builder, which has insufficient filtering for special characters. This allows a remote attack...
Design/Logic Flaw
Saho’s attendance devices ADM100 and ADM-100FP has insufficient filtering for special characters and file type within their file uploading function. A unauthenticate remote attacker authenticated can upload and execute arbitrary files to perform arbitrary system commands or disrupt service...