EUVD-2023-23912

Malicious code in bioql PyPI...

EUVD-2023-50647

Malicious code in bioql PyPI...

EUVD-2023-44229

Malicious code in bioql PyPI...

EUVD-2023-23913

Malicious code in bioql PyPI...

CVE-2024-30886

A stored cross-site scripting XSS vulnerability in the remotelink function of HadSky v7.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the url parameter...

CVE-2024-30885

Reflected Cross-Site Scripting XSS vulnerability in HadSky v7.6.3, allows remote attackers to execute arbitrary code and obtain sensitive information via the chklogin.php component...

CVE-2023-3579

A vulnerability, which was classified as problematic, has been found in HadSky 7.11.8. Affected by this issue is some unknown functionality of the component User Handler. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to t...

CVE-2023-46428

An arbitrary file upload vulnerability in HadSky v7.12.10 allows attackers to execute arbitrary code via a crafted file...

CVE-2023-1685

A vulnerability was found in HadSky up to 7.11.8. It has been declared as critical. This vulnerability affects unknown code of the file /install/index.php of the component Installation Interface. The manipulation leads to command injection. The attack can be initiated remotely. The exploit has be...

CVE-2023-1684

A vulnerability was found in HadSky 7.7.16. It has been classified as problematic. This affects an unknown part of the file upload/index.php?c=app=superadmin:index. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the...

CVE-2024-30886

A stored cross-site scripting XSS vulnerability in the remotelink function of HadSky v7.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the url parameter...

CVE-2024-30886

A stored cross-site scripting XSS vulnerability in the remotelink function of HadSky v7.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the url parameter...

HadSky 跨站脚本漏洞

HadSky is an original open source php lightweight forum system by the Chinese company HadSky. A cross-site scripting vulnerability exists in HadSky v7.6.3, which originates from the presence of cross-site scripting in the remote linking functionality that allows an attacker to execute arbitrary w...

CVE-2024-30886

Issue summary: CVE-2024-30886 is a stored XSS in HadSky v7.6.3, specifically in the remotelink function where an attacker can inject a crafted payload into the url parameter to execute arbitrary web scripts/HTML. Affected component: HadSky, version 7.6.3, remotelink functionality. Root cause & im...

PT-2024-23658 · Hadsky · Hadsky

Name of the Vulnerable Software and Affected Versions: HadSky version 7.6.3 Description: A stored cross-site scripting XSS issue in the remotelink function allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the url parameter. Recommendations: For HadSky...

CVE-2024-30886

A stored cross-site scripting XSS vulnerability in the remotelink function of HadSky v7.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the url parameter...

CVE-2024-30885

Reflected Cross-Site Scripting XSS vulnerability in HadSky v7.6.3, allows remote attackers to execute arbitrary code and obtain sensitive information via the chklogin.php component...

HadSky 安全漏洞

HadSky is an original open source php lightweight forum system by the Chinese company HadSky. A security vulnerability exists in HadSky v7.6.3, which stems from a Reflective Cross-Site Scripting XSS vulnerability that allows remote attackers to execute arbitrary code and obtain sensitive...

CVE-2024-30885

Reflected Cross-Site Scripting XSS vulnerability in HadSky v7.6.3, allows remote attackers to execute arbitrary code and obtain sensitive information via the chklogin.php component...

PT-2024-23657 · Hadsky · Hadsky

Name of the Vulnerable Software and Affected Versions: HadSky version 7.6.3 Description: A Reflected Cross-Site Scripting XSS issue allows remote attackers to execute arbitrary code and obtain sensitive information via the chklogin.php component. Recommendations: For HadSky version 7.6.3, update ...