CVE-2025-1946

A vulnerability was found in hzmanyun Education and Training System 2.1. It has been rated as critical. Affected by this issue is the function exportPDF of the file /user/exportPDF. The manipulation of the argument id leads to command injection. The attack may be launched remotely. The exploit ha...

CVE-2025-1555

A vulnerability classified as critical was found in hzmanyun Education and Training System 3.1.1. This vulnerability affects the function saveImage. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the publ...

CVE-2025-1947

A vulnerability classified as critical has been found in hzmanyun Education and Training System 2.1.3. This affects the function scorm of the file UploadImageController.java. The manipulation of the argument param leads to command injection. It is possible to initiate the attack remotely. The...

EUVD-2025-5446

Malicious code in bioql PyPI...

EUVD-2025-4475

Malicious code in bioql PyPI...

EUVD-2025-7447

Malicious code in bioql PyPI...

EUVD-2025-7446

Malicious code in bioql PyPI...

CVE-2025-1946

A vulnerability was found in hzmanyun Education and Training System 2.1. It has been rated as critical. Affected by this issue is the function exportPDF of the file /user/exportPDF. The manipulation of the argument id leads to command injection. The attack may be launched remotely. The exploit ha...

CVE-2025-1947

A vulnerability classified as critical has been found in hzmanyun Education and Training System 2.1.3. This affects the function scorm of the file UploadImageController.java. The manipulation of the argument param leads to command injection. It is possible to initiate the attack remotely. The...

CVE-2025-1947

Affects: hzmanyun Education and Training System 2.1.3. Vulnerability: command injection in the scorm function of UploadImageController.java caused by improper handling of the param argument. Impact: remote exploitation with full impact on confidentiality, integrity, and availability as indicated ...

CVE-2025-1947 hzmanyun Education and Training System UploadImageController.java scorm command injection

A vulnerability classified as critical has been found in hzmanyun Education and Training System 2.1.3. This affects the function scorm of the file UploadImageController.java. The manipulation of the argument param leads to command injection. It is possible to initiate the attack remotely. The...

CVE-2025-1947 hzmanyun Education and Training System UploadImageController.java scorm command injection

A vulnerability classified as critical has been found in hzmanyun Education and Training System 2.1.3. This affects the function scorm of the file UploadImageController.java. The manipulation of the argument param leads to command injection. It is possible to initiate the attack remotely. The...

CVE-2025-1946 hzmanyun Education and Training System exportPDF command injection

A vulnerability was found in hzmanyun Education and Training System 2.1. It has been rated as critical. Affected by this issue is the function exportPDF of the file /user/exportPDF. The manipulation of the argument id leads to command injection. The attack may be launched remotely. The exploit ha...

CVE-2025-1946 hzmanyun Education and Training System exportPDF command injection

A vulnerability was found in hzmanyun Education and Training System 2.1. It has been rated as critical. Affected by this issue is the function exportPDF of the file /user/exportPDF. The manipulation of the argument id leads to command injection. The attack may be launched remotely. The exploit ha...

CVE-2025-1946

CVE-2025-1946 affects hzmanyun Education and Training System 2.1. The affected component is the exportPDF function in /user/exportPDF, where manipulating the id argument leads to command injection. The vulnerability may be exploited remotely and, per multiple sources, the exploit has been disclos...

PT-2025-9694

Name of the Vulnerable Software and Affected Versions hzmanyun Education and Training System version 2.1 Description A critical issue was found in the function exportPDF of the file /user/exportPDF, where the manipulation of the argument id leads to command injection. This issue can be exploited...

hzmanyun Education and Training System 注入漏洞

hzmanyun Education and Training System is an education and training system from China Man Yun hzmanyun Company. An injection vulnerability exists in version 2.1 of the hzmanyun Education and Training System, which stems from command injection...

hzmanyun Education and Training System 注入漏洞

hzmanyun Education and Training System is an education and training system from China Man Yun hzmanyun Company. An injection vulnerability exists in hzmanyun Education and Training System version 2.1.3, which stems from a command injection issue...

PT-2025-9695

Name of the Vulnerable Software and Affected Versions hzmanyun Education and Training System version 2.1.3 Description A critical vulnerability has been found in the hzmanyun Education and Training System. This affects the scorm function of the UploadImageController.java file. The manipulation of...

CVE-2025-1676

A vulnerability classified as critical was found in hzmanyun Education and Training System 3.1.1. Affected by this vulnerability is the function pdf2swf of the file /pdf2swf. The manipulation of the argument file leads to os command injection. The attack can be launched remotely. The exploit has...