EUVD-2026-32598

Budibase is an open-source low-code platform. Prior to 3.38.2, packages/worker/src/api/routes/global/scim.ts attaches only two middlewares to the SCIM router: requireSCIM checks the Enterprise feature flag and SCIM config and doInScimContext sets the SCIM request context. There is no role check...

EUVD-2019-7579

Malware in sbrugna...

EUVD-2022-3360

Malicious code in bioql PyPI...

PT-2024-40027 · Silverstripe · Silverstripe Cms

Name of the Vulnerable Software and Affected Versions: Silverstripe CMS affected versions not specified Description: The issue concerns insufficient CSRF protection in GridField, which can be exploited to trick users with CMS access into posting unspecified data from external websites. This affec...

Chamilo 跨站脚本漏洞

Chamilo LMS is an open source online learning and collaboration system from the Chamilo Association. The system supports the creation of instructional content, distance training, and online question and answer sessions. A security vulnerability exists in Chamilo version 1.11.x through versions...

CVE-2021-41175 Stored XSS in Client Groups Management (Authenticated)

Pi-hole's Web interface based on AdminLTE provides a central location to manage one's Pi-hole and review the statistics generated by FTLDNS. Prior to version 5.8, cross-site scripting is possible when adding a client via the groups-clients management page. This issue was patched in version 5.8...