30 matches found
EUVD-2022-40861
Malicious code in bioql PyPI...
EUVD-2023-45945
Malicious code in bioql PyPI...
CVE-2025-50707
An issue in thinkphp3 v.3.2.5 allows a remote attacker to execute arbitrary code via the index.php component...
CVE-2025-50707
ThinkPHP 3.x vulnerability CVE-2025-50707 affects v3.2.5. The issue allows remote code execution via the index.php component, caused by crafted template inclusion. Impact is as described: high risk of arbitrary code execution with network access and no user interaction. Public remediation availab...
CVE-2024-32236
An issue in CmsEasy v.7.7 and before allows a remote attacker to obtain sensitive information via the update function in the index.php component...
CVE-2024-42852
Cross Site Scripting vulnerability in AcuToWeb server v.10.5.0.7577C8b allows a remote attacker to execute arbitrary code via the index.php component...
CVE-2023-41451
Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the txt parameter in the index.php component...
CVE-2023-24648
Zstore v6.6.0 was discovered to contain a cross-site scripting XSS vulnerability via the component /index.php...
CVE-2020-21653
Myucms v2.2.1 contains a server-side request forgery SSRF in the component \controller\index.php, which can be exploited via the sj method...
CVE-2020-21649
Myucms v2.2.1 contains a server-side request forgery SSRF in the component \controller\index.php, which can be exploited via the sql method...
CVE-2024-42852
Cross Site Scripting vulnerability in AcuToWeb server v.10.5.0.7577C8b allows a remote attacker to execute arbitrary code via the index.php component...
PT-2024-30185 · Unknown · Acutoweb Server
Name of the Vulnerable Software and Affected Versions: AcuToWeb server version 10.5.0.7577C8b Description: A Cross Site Scripting issue allows a remote attacker to execute arbitrary code via the "index.php" component. This enables the attacker to perform unauthorized actions on the affected syste...
CVE-2024-42852
Cross Site Scripting vulnerability in AcuToWeb server v.10.5.0.7577C8b allows a remote attacker to execute arbitrary code via the index.php component...
CVE-2024-27746
SQL Injection vulnerability in Petrol Pump Mangement Software v.1.0 allows an attacker to execute arbitrary code via a crafted payload to the email address parameter in the index.php component...
CVE-2023-41446
Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted script to the title parameter in the index.php component...
CVE-2023-41447
Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the subcmd parameter in the index.php component...
Cross site scripting
Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the subcmd parameter in the index.php component...
CVE-2023-41446
Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted script to the title parameter in the index.php component...
CVE-2023-41451
Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the txt parameter in the index.php component...
CVE-2023-41452
Cross Site Request Forgery vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the txt parameter in the index.php component...