9 matches found
EUVD-2025-2904
Malicious code in bioql PyPI...
EUVD-2024-36104
Malicious code in bioql PyPI...
EUVD-2021-33060
Malicious code in bioql PyPI...
CVE-2021-46377
There is a front-end SQL injection vulnerability in cszcms 1.2.9 via cszcms/controllers/Member.phpviewUser...
TOTOLINK N300RT Security Breach
The TOTOLINK N300RT is an 802.11n-compliant wireless router from China's Gion Electronics TOTOLINK. A security vulnerability exists in the TOTOLINK N300RT version 3.2.4-B20180730.0906, which stems from improper access control and results in a Remote Code Execution (RCE) vulnerability. An attacker c...
CVE-2023-48860
TOTOLINK N300RT version 3.2.4-B20180730.0906 has a post-authentication RCE due to incorrect access control, which allows attackers to bypass front-end security restrictions and execute arbitrary code...
Code injection
TOTOLINK A3002RU version 2.0.0-B20190902.1958 has a post-authentication RCE due to incorrect access control, which allows attackers to bypass front-end security restrictions and execute arbitrary code...
Cross site scripting via canonical URL
Date: 2022-05-05. CVE ID: CVE-2022-24899. Description: Untrusted users can inject malicious code into the canonical tag, which is then executed on the web page front end. Affected versions: Contao 4.13 up to 4.13.2. Suggested solution: Update to Contao 4.13.3. Workaround: Disable canonical tags in the...
CVE-2019-13410
TOPMeeting before version 8.8 (2019/08/19) shows attendees' account and password in the front-end page, which allows an attacker to obtain sensitive information by browsing the source code of the page...