17 matches found
EUVD-2025-10064
Malicious code in bioql PyPI...
EUVD-2025-10399
Malicious code in bioql PyPI...
EUVD-2025-10065
Malicious code in bioql PyPI...
CVE-2025-3391
A vulnerability has been found in hailey888 oasystem up to 2025.01.01 and classified as problematic. Affected by this vulnerability is the function outAddress of the file cn/gson/oass/controller/address/AddrController. java of the component Backend. The manipulation of the argument outtype leads ...
CVE-2025-3392
A vulnerability was found in hailey888 oasystem up to 2025.01.01 and classified as problematic. Affected by this issue is the function Save of the file cn/gson/oasys/controller/mail/MailController.java of the component Backend. The manipulation of the argument MailNumberId leads to cross site...
CVE-2025-3389
A vulnerability, which was classified as problematic, has been found in hailey888 oasystem up to 2025.01.01. This issue affects the function testMess of the file cn/gson/oasys/controller/inform/InformManageController.java of the component Backend. The manipulation of the argument menu leads to...
CVE-2025-3388
A vulnerability classified as problematic was found in hailey888 oasystem up to 2025.01.01. This vulnerability affects the function loginCheck of the file cn/gson/oasys/controller/login/LoginsController.java of the component Frontend. The manipulation of the argument Username leads to cross site...
CVE-2025-3391
A vulnerability has been found in hailey888 oasystem up to 2025.01.01 and classified as problematic. Affected by this vulnerability is the function outAddress of the file cn/gson/oass/controller/address/AddrController. java of the component Backend. The manipulation of the argument outtype leads ...
CVE-2025-3392 hailey888 oa_system Backend MailController.java save cross site scripting
A vulnerability was found in hailey888 oasystem up to 2025.01.01 and classified as problematic. Affected by this issue is the function Save of the file cn/gson/oasys/controller/mail/MailController.java of the component Backend. The manipulation of the argument MailNumberId leads to cross site...
CVE-2025-3392
CVE-2025-3392 affects hailey888 oa_system Backend, specifically the Save function in MailController.java. The root cause is manipulation of the MailNumberId argument leading to cross-site scripting. The issue supports remote exploitation and has public exploit material. Public advisories (Red Hat...
CVE-2025-3391 hailey888 oa_system Backend AddrController. java outAddress cross site scripting
A vulnerability has been found in hailey888 oasystem up to 2025.01.01 and classified as problematic. Affected by this vulnerability is the function outAddress of the file cn/gson/oass/controller/address/AddrController. java of the component Backend. The manipulation of the argument outtype leads ...
CVE-2025-3391 hailey888 oa_system Backend AddrController. java outAddress cross site scripting
A vulnerability has been found in hailey888 oasystem up to 2025.01.01 and classified as problematic. Affected by this vulnerability is the function outAddress of the file cn/gson/oass/controller/address/AddrController. java of the component Backend. The manipulation of the argument outtype leads ...
CVE-2025-3391
The CVE-2025-3391 issue affects hailey888 oa_system (versions up to 2025.01.01). The vulnerable component is AddrController.java, function outAddress; improper handling of the outtype parameter enables cross-site scripting (XSS) and the attack can be launched remotely. Exploit publicized. Public ...
CVE-2025-3389
A vulnerability, which was classified as problematic, has been found in hailey888 oasystem up to 2025.01.01. This issue affects the function testMess of the file cn/gson/oasys/controller/inform/InformManageController.java of the component Backend. The manipulation of the argument menu leads to...
CVE-2025-3390 hailey888 oa_system Backend DaymanageController.java addandchangeday cross site scripting
A vulnerability, which was classified as problematic, was found in hailey888 oasystem up to 2025.01.01. Affected is the function addandchangeday of the file cn/gson/oass/controller/daymanager/DaymanageController.java of the component Backend. The manipulation of the argument scheduleList leads to...
CVE-2025-3389 hailey888 oa_system Backend InformManageController.java testMess cross site scripting
A vulnerability, which was classified as problematic, has been found in hailey888 oasystem up to 2025.01.01. This issue affects the function testMess of the file cn/gson/oasys/controller/inform/InformManageController.java of the component Backend. The manipulation of the argument menu leads to...
CVE-2025-3389
The CVE-2025-3389 entry concerns hailey888 oa_system (Backend) with the vulnerable function testMess in InformManageController.java. The issue arises from manipulation of the menu argument, causing cross-site scripting. A remote attacker could exploit it, and public exploit references exist. Conn...