19 matches found
EUVD-2022-52693
Malicious code in bioql PyPI...
EUVD-2022-52694
Malicious code in bioql PyPI...
CVE-2022-30982
An issue was discovered in Gentics CMS before 5.43.1. There is stored XSS in the profile description and in the username...
CVE-2022-30981
An issue was discovered in Gentics CMS before 5.43.1. By uploading a malicious ZIP file, an attacker is able to deserialize arbitrary data and hence can potentially achieve Java code execution...
CVE-2022-30982
An issue was discovered in Gentics CMS before 5.43.1. There is stored XSS in the profile description and in the username...
CVE-2022-30981
An issue was discovered in Gentics CMS before 5.43.1. By uploading a malicious ZIP file, an attacker is able to deserialize arbitrary data and hence can potentially achieve Java code execution...
CVE-2022-30982
An issue was discovered in Gentics CMS before 5.43.1. There is stored XSS in the profile description and in the username...
CVE-2022-30981
An issue was discovered in Gentics CMS before 5.43.1. By uploading a malicious ZIP file, an attacker is able to deserialize arbitrary data and hence can potentially achieve Java code execution...
CVE-2022-30981
An issue was discovered in Gentics CMS before 5.43.1. By uploading a malicious ZIP file, an attacker is able to deserialize arbitrary data and hence can potentially achieve Java code execution...
Remote code execution
An issue was discovered in Gentics CMS before 5.43.1. By uploading a malicious ZIP file, an attacker is able to deserialize arbitrary data and hence can potentially achieve Java code execution...
Cross site scripting
An issue was discovered in Gentics CMS before 5.43.1. There is stored XSS in the profile description and in the username...
CVE-2022-30982
CVE-2022-30982 affects Gentics CMS prior to 5.43.1 with a stored XSS vulnerability in profile descriptions and usernames. Connected documents corroborate the issue and specify vulnerable versions (before 5.43.1) and a fix in 5.43.1 or higher. No exploitation details are provided in the sources; m...
CVE-2022-30982
An issue was discovered in Gentics CMS before 5.43.1. There is stored XSS in the profile description and in the username...
CVE-2022-30981
An issue was discovered in Gentics CMS before 5.43.1. By uploading a malicious ZIP file, an attacker is able to deserialize arbitrary data and hence can potentially achieve Java code execution...
CVE-2022-30981
The provided Connected documents identify a concrete vulnerability: Gentics CMS prior to 5.43.1 is vulnerable to arbitrary data deserialization (via uploading a malicious ZIP file), which can potentially lead to Java code execution. The root cause is unsafe Java deserialization during ZIP upload....
Gentics CMS 5.36.29 Cross Site Scripting / Deserialization Vulnerability
Gentics CMS version 5.36.29 suffers from persistent cross site scripting and unsafe Java deserialization vulnerabilities. ======================================================================= title: Stored Cross-Site Scripting & Unsafe Java Deserialization product: Gentics CMS vulnerable...
Gentics CMS 5.36.29 Cross Site Scripting / Deserialization
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Stored Cross-Site Scripting & Unsafe Java Deserialization product: Gentics CMS vulnerable version: 5.36.29, see section below fixed version: 5.40.27, 5.41.15, 5.42.7,...
Gentics Software Gentics CMS Code Issue Vulnerability
Gentics Software Gentics CMS is a digital publishing and content management system from the Austrian company Gentics Software. A code issue vulnerability exists in Gentics CMS version 5.36.29, which can be exploited by an attacker to gain access to the RCE chain...
Gentics Software Gentics CMS Cross-Site Scripting Vulnerability
Gentics Software Gentics CMS is a digital publishing and content management system from the Austrian company Gentics Software. A cross-site scripting vulnerability exists in Gentics CMS version 5.36.29. An attacker can exploit this vulnerability to store malicious JavaScript code in user names an...