12 matches found
CVE-2025-60453
A stored Cross-Site Scripting XSS vulnerability has been discovered in MetInfo CMS version 8.0. The vulnerability exists in the column management module, specifically in the app\system\column\admin\index.class.php component. The vulnerability allows attackers to upload malicious SVG files...
EUVD-2025-31344
Malicious code in bioql PyPI...
CVE-2025-11016
A security vulnerability has been detected in kalcaddle kodbox up to 1.61.09. The affected element is the function fileOut of the file app/controller/explorer/index.class.php. Such manipulation of the argument path leads to path traversal. The attack may be performed from remote. The exploit has...
CVE-2025-11016 kalcaddle kodbox index.class.php fileOut path traversal
A security vulnerability has been detected in kalcaddle kodbox up to 1.61.09. The affected element is the function fileOut of the file app/controller/explorer/index.class.php. Such manipulation of the argument path leads to path traversal. The attack may be performed from remote. The exploit has...
PT-2025-39640
Name of the Vulnerable Software and Affected Versions kalcaddle kodbox versions through 1.61.09 Description A security issue exists in kalcaddle kodbox versions through 1.61.09 related to path traversal. The fileOut function within the app/controller/explorer/index.class.php file is affected...
CVE-2024-37791
DuxCMS3 v3.1.3 was discovered to contain a SQL injection vulnerability via the keyword parameter at /article/Content/index?classid...
PT-2023-32789 · Kodbox · Kodbox
Name of the Vulnerable Software and Affected Versions: kalcaddle kodbox versions up to 1.48 Description: A critical issue has been found, affecting the function check of the file plugins/officeViewer/controller/libreOffice/index.class.php. The manipulation of the soffice argument leads to command...
CVE-2021-27823
An information disclosure vulnerability was discovered in /index.class.php via port 8181 on NetWave System 1.0 which allows unauthenticated attackers to exfiltrate sensitive information from the system...
Information disclosure
An information disclosure vulnerability was discovered in /index.class.php via port 8181 on NetWave System 1.0 which allows unauthenticated attackers to exfiltrate sensitive information from the system...
NetWave System 信息泄露漏洞
Mediatek Net NetWave System is an application system from Mediatek Net, China. System for Navy Fleet Management An information disclosure vulnerability exists in NetWave System 1.0, which originates in index.class.php. The vulnerability allows an unauthenticated attacker to steal sensitive...
phpyun_v4.0.0625最新版注入(可获取部分数据)
简要描述: RT 详细说明: 出现在wap\member\model\index.class.php中 function rinfoaction if$GET'type'&&intval$GET'id' $nid=$this-obj-DBdeleteall"resume".$GET'type',"eid='".int$GET'eid'."' and id='".int$GET'id'."' and uid='".$this-uid."'"; if$nid $url=$GET'type';...
PHPYUN 3.1 /wap/member/model/index.class.php SQL注入漏洞
No description provided by source...