EUVD-2025-10874

Malicious code in bioql PyPI...

EUVD-2025-10873

Malicious code in bioql PyPI...

EUVD-2025-15044

Malicious code in bioql PyPI...

EUVD-2025-15043

Malicious code in bioql PyPI...

CVE-2025-3560

A vulnerability was found in ghostxbh uzy-ssm-mall 1.0.0 and classified as problematic. This issue affects some unknown processing of the file /product. The manipulation of the argument productname leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed...

CVE-2025-3561

A vulnerability was found in ghostxbh uzy-ssm-mall 1.0.0. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The...

CVE-2025-3559

A vulnerability has been found in ghostxbh uzy-ssm-mall 1.0.0 and classified as critical. This vulnerability affects the function ForeProductListController of the file /mall/product/0/20. The manipulation of the argument orderBy leads to sql injection. The attack can be initiated remotely. The...

CVE-2025-3558

A vulnerability, which was classified as critical, was found in ghostxbh uzy-ssm-mall 1.0.0. This affects an unknown part of the file /mall/user/uploadUserHeadImage. The manipulation of the argument File leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has...

CVE-2025-3561

A vulnerability was found in ghostxbh uzy-ssm-mall 1.0.0. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The...

CVE-2025-3560

A vulnerability was found in ghostxbh uzy-ssm-mall 1.0.0 and classified as problematic. This issue affects some unknown processing of the file /product. The manipulation of the argument productname leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed...

CVE-2025-3560

A vulnerability was found in ghostxbh uzy-ssm-mall 1.0.0 and classified as problematic. This issue affects some unknown processing of the file /product. The manipulation of the argument productname leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed...

CVE-2025-3561 ghostxbh uzy-ssm-mall cross-site request forgery

A vulnerability was found in ghostxbh uzy-ssm-mall 1.0.0. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The...

CVE-2025-3561

CVE-2025-3561 affects ghostxbh uzy-ssm-mall 1.0.0. The vulnerability is CSRF due to an unknown vulnerable function, potentially exploitable remotely. Exploit appears publicly disclosed. Connected sources align on the product/version and impact; no official patch/version fix is documented here. PT...

CVE-2025-3561 ghostxbh uzy-ssm-mall cross-site request forgery

A vulnerability was found in ghostxbh uzy-ssm-mall 1.0.0. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The...

CVE-2025-3560

The CVE-2025-3560 entry concerns ghostxbh uzy-ssm-mall 1.0.0. The issue is a cross-site scripting (XSS) vulnerability in the /product endpoint caused by improper handling of the product_name argument. The problem is actionable remotely, and public disclosure of the exploit is noted. Connected sou...

CVE-2025-3560 ghostxbh uzy-ssm-mall product cross site scripting

A vulnerability was found in ghostxbh uzy-ssm-mall 1.0.0 and classified as problematic. This issue affects some unknown processing of the file /product. The manipulation of the argument productname leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed...

CVE-2025-3558

A vulnerability, which was classified as critical, was found in ghostxbh uzy-ssm-mall 1.0.0. This affects an unknown part of the file /mall/user/uploadUserHeadImage. The manipulation of the argument File leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has...

CVE-2025-3558

A vulnerability, which was classified as critical, was found in ghostxbh uzy-ssm-mall 1.0.0. This affects an unknown part of the file /mall/user/uploadUserHeadImage. The manipulation of the argument File leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has...

CVE-2025-3559

A vulnerability has been found in ghostxbh uzy-ssm-mall 1.0.0 and classified as critical. This vulnerability affects the function ForeProductListController of the file /mall/product/0/20. The manipulation of the argument orderBy leads to sql injection. The attack can be initiated remotely. The...

CVE-2025-3559

A vulnerability has been found in ghostxbh uzy-ssm-mall 1.0.0 and classified as critical. This vulnerability affects the function ForeProductListController of the file /mall/product/0/20. The manipulation of the argument orderBy leads to sql injection. The attack can be initiated remotely. The...