14 matches found
EUVD-2025-16399
Malicious code in bioql PyPI...
EUVD-2024-34993
Malicious code in bioql PyPI...
EUVD-2025-16453
Malicious code in bioql PyPI...
EUVD-2025-16451
Malicious code in bioql PyPI...
EUVD-2025-16376
Malicious code in bioql PyPI...
EUVD-2025-16485
Malicious code in bioql PyPI...
EUVD-2025-16394
Malicious code in bioql PyPI...
EUVD-2025-16397
Malicious code in bioql PyPI...
CVE-2025-54366 FreeScout's deserialization of untrusted data leads to Remote Code Execution
FreeScout is a lightweight free open source help desk and shared inbox built with PHP Laravel framework. In versions 1.8.185 and below, there is a critical deserialization vulnerability in the /conversation/ajax endpoint that allows authenticated users with knowledge of the APPKEY to achieve remo...
CVE-2025-48486
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, the cross-site scripiting XSS vulnerability is caused by the lack of input validation and sanitization in both \Session::flash and , allowing user input to be executed without proper filtering. This issue has...
CVE-2025-48479
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, the laravel-translation-manager package does not correctly validate user input, enabling the deletion of any directory, given sufficient access rights. This issue has been patched in version 1.8.180...
CVE-2025-48477
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, the application's logic requires the user to perform a correct sequence of actions to implement a functional capability, but the application allows access to the functional capability without correctly...
CVE-2025-48477 FreeScout Has Business Logic Errors
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, the application's logic requires the user to perform a correct sequence of actions to implement a functional capability, but the application allows access to the functional capability without correctly...
CVE-2025-48475
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, the System does not provide a check on which "clients" of the System an authorized user can view and edit, and which ones they cannot. As a result, an authorized user who does not have access to any of the...