15 matches found
EUVD-2025-7516
Malicious code in bioql PyPI...
EUVD-2022-40342
Malicious code in bioql PyPI...
EUVD-2022-40343
Malicious code in bioql PyPI...
CVE-2025-2133
A vulnerability classified as problematic was found in ftcms 2.1. Affected by this vulnerability is an unknown functionality of the file /admin/index.php/news/edit. The manipulation of the argument title leads to cross site scripting. The attack can be launched remotely. The exploit has been...
CVE-2025-2133
A vulnerability classified as problematic was found in ftcms 2.1. Affected by this vulnerability is an unknown functionality of the file /admin/index.php/news/edit. The manipulation of the argument title leads to cross site scripting. The attack can be launched remotely. The exploit has been...
CVE-2025-2133 ftcms edit cross site scripting
A vulnerability classified as problematic was found in ftcms 2.1. Affected by this vulnerability is an unknown functionality of the file /admin/index.php/news/edit. The manipulation of the argument title leads to cross site scripting. The attack can be launched remotely. The exploit has been...
CVE-2025-2133
CVE-2025-2133 affects ftcms 2.1. The vulnerability lies in the /admin/index.php/news/edit functionality, where improper handling of the title parameter enables cross‑site scripting. Attackers can exploit remotely; public disclosure exists. Other parameters may be affected. The sources do not prov...
CVE-2025-2132 ftcms Search ajax_all_lists sql injection
A vulnerability classified as critical has been found in ftcms 2.1. Affected is an unknown function of the file /admin/index.php/web/ajaxalllists of the component Search. The manipulation of the argument name leads to sql injection. It is possible to launch the attack remotely. The exploit has be...
CVE-2025-2132 ftcms Search ajax_all_lists sql injection
A vulnerability classified as critical has been found in ftcms 2.1. Affected is an unknown function of the file /admin/index.php/web/ajaxalllists of the component Search. The manipulation of the argument name leads to sql injection. It is possible to launch the attack remotely. The exploit has be...
CVE-2025-2132
The CVE-2025-2132 entry concerns ftcms 2.1. An SQL injection vulnerability arises in the Search component, specifically the unknown function in /admin/index.php/web/ajax_all_lists, caused by manipulation of the argument name. It is exploitable remotely over the network. The exploit has been discl...
CVE-2022-37731
ftcms 2.1 poster.PHP has a XSS vulnerability. The attacker inserts malicious JavaScript code into the web page, causing the user / administrator to trigger malicious code when accessing...
CVE-2022-37730
In ftcms 2.1, there is a Cross Site Request Forgery CSRF vulnerability in the PHP page, which causes the attacker to forge a link to trick him to click on a malicious link or visit a page containing attack code, and send a request to the server corresponding to the identity authentication...
Cross site request forgery (csrf)
In ftcms 2.1, there is a Cross Site Request Forgery CSRF vulnerability in the PHP page, which causes the attacker to forge a link to trick him to click on a malicious link or visit a page containing attack code, and send a request to the server corresponding to the identity authentication...
CVE-2022-37731
Summary : CVE-2022-37731 affects ftcms 2.1, specifically the poster.PHP page, which is vulnerable to a reflected/DOM-based XSS that allows an attacker to inject malicious JavaScript code. When a user or administrator accesses the affected page, the injected script can execute in their browser. Th...
CVE-2022-37730
In ftcms 2.1, there is a Cross Site Request Forgery CSRF vulnerability in the PHP page, which causes the attacker to forge a link to trick him to click on a malicious link or visit a page containing attack code, and send a request to the server corresponding to the identity authentication...