6 matches found
EUVD-2025-6601
Malicious code in bioql PyPI...
CVE-2025-2201
Broken access control vulnerability in the IcProgress Innovación y Cualificación plugin. This vulnerability allows an attacker to obtain sensitive information about other users such as public IP addresses, messages with other users and more...
CVE-2025-2201
Broken access control vulnerability in the IcProgress Innovación y Cualificación plugin. This vulnerability allows an attacker to obtain sensitive information about other users such as public IP addresses, messages with other users and more...
CVE-2025-2200
SQL injection vulnerability in the IcProgreso Innovación y Cualificación plugin. This vulnerability allows an attacker to obtain, update and delete data from the database by injecting an SQL query on the parameters user, id, idGroup, startdate and enddate in the endpoint...
CVE-2025-2201
CVE-2025-2201 is a confirmed broken access control vulnerability affecting the IcProgress Innovación y Cualificación plugin. Reported impact includes leakage of sensitive user information (e.g., public IP addresses, messages between users). CVSS v4.0 base score is 6.9 (MEDIUM). Exploitation detai...
CVE-2025-2200
The CVE-2025-2200 entry concerns a SQL injection vulnerability in the IcProgreso Innovación y Cualificación plugin (endpoint /report/icprogreso/generar_blocks.php). The issue allows an attacker to read, update, and delete database data by injecting SQL through the parameters user, id, idGroup, st...