EUVD-2024-33613

Malicious code in bioql PyPI...

CVE-2024-11021

Webopac from Grand Vice info has Stored Cross-site Scripting vulnerability. Remote attackers with regular privileges can inject arbitrary JavaScript code into the server. When users visit the compromised page, the code is automatically executed in their browser...

CVE-2024-11020

Webopac from Grand Vice info has a SQL Injection vulnerability, allowing unauthenticated remote attacks to inject arbitrary SQL commands to read, modify, and delete database contents...

CVE-2024-11020

Webopac from Grand Vice info has a SQL Injection vulnerability, allowing unauthenticated remote attacks to inject arbitrary SQL commands to read, modify, and delete database contents...

CVE-2024-11021 Grand Vice info Webopac - Stored XSS

Webopac from Grand Vice info has Stored Cross-site Scripting vulnerability. Remote attackers with regular privileges can inject arbitrary JavaScript code into the server. When users visit the compromised page, the code is automatically executed in their browser...

CVE-2024-11021

CVE-2024-11021 relates to a Stored Cross-site Scripting vulnerability in Webopac from Grand Vice info. The issue allows remote attackers with regular privileges to inject arbitrary JavaScript into the server, which is executed in users’ browsers when visiting the affected page. Connected sources ...

CVE-2024-11021 Grand Vice info Webopac - Stored XSS

Webopac from Grand Vice info has Stored Cross-site Scripting vulnerability. Remote attackers with regular privileges can inject arbitrary JavaScript code into the server. When users visit the compromised page, the code is automatically executed in their browser...

CVE-2024-11020 Grand Vice info Webopac7 - SQL Injection

Webopac from Grand Vice info has a SQL Injection vulnerability, allowing unauthenticated remote attacks to inject arbitrary SQL commands to read, modify, and delete database contents...

CVE-2024-11020

CVE-2024-11020 affects Grand Vice info Webopac (Webopac from Grand Vice info). The vulnerability is a SQL Injection in the Webopac web interface that allows an unauthenticated remote attacker to inject arbitrary SQL commands to read, modify, and delete database contents. Several sources corrobora...

CVE-2024-11020 Grand Vice info Webopac7 - SQL Injection

Webopac from Grand Vice info has a SQL Injection vulnerability, allowing unauthenticated remote attacks to inject arbitrary SQL commands to read, modify, and delete database contents...

CVE-2024-11019

Webopac from Grand Vice info has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript code in the user's browser through phishing techniques...

CVE-2024-11018

Webopac from Grand Vice info does not properly validate uploaded file types, allowing unauthenticated remote attackers to upload and execute webshells, which could lead to arbitrary code execution on the server...

CVE-2024-11019

Webopac from Grand Vice info has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript code in the user's browser through phishing techniques...

CVE-2024-11017

Webopac from Grand Vice info does not properly validate uploaded file types, allowing remote attackers with regular privileges to upload and execute webshells, which could lead to arbitrary code execution on the server...

CVE-2024-11017

Webopac from Grand Vice info does not properly validate uploaded file types, allowing remote attackers with regular privileges to upload and execute webshells, which could lead to arbitrary code execution on the server...

CVE-2024-11016

Webopac from Grand Vice info has a SQL Injection vulnerability, allowing unauthenticated remote attacks to inject arbitrary SQL commands to read, modify, and delete database contents...

CVE-2024-11019 Grand Vice info Webopac7 - Reflected XSS

Webopac from Grand Vice info has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript code in the user's browser through phishing techniques...

CVE-2024-11019 Grand Vice info Webopac7 - Reflected XSS

Webopac from Grand Vice info has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript code in the user's browser through phishing techniques...

CVE-2024-11018 Grand Vice info Webopac - Arbitrary File Upload

Webopac from Grand Vice info does not properly validate uploaded file types, allowing unauthenticated remote attackers to upload and execute webshells, which could lead to arbitrary code execution on the server...

CVE-2024-11018

CVE-2024-11018 affects Grand Vice Info Webopac. Public records describe a lack of proper file-type validation that allows unauthenticated remote attackers to upload and execute webshells, potentially enabling arbitrary code execution on the server. Affected versions are stated as up to 6.5.0/7.2....