CVE-2026-2176

A security vulnerability has been detected in code-projects Contact Management System 1.0. This issue affects some unknown processing of the file index.py. Such manipulation of the argument selecteditem0 leads to sql injection. The attack can be executed remotely...

CVE-2026-2176 code-projects Contact Management System index.py sql injection

A security vulnerability has been detected in code-projects Contact Management System 1.0. This issue affects some unknown processing of the file index.py. Such manipulation of the argument selecteditem0 leads to sql injection. The attack can be executed remotely...

CVE-2024-25123 Path Manipulation in file mslib/index.py in MSS

MSS Mission Support System is an open source package designed for planning atmospheric research flights. In file: index.py, there is a method that is vulnerable to path manipulation attack. By modifying file paths, an attacker can acquire sensitive information from different resources. The filena...

CVE-2024-25123 Path Manipulation in file mslib/index.py in MSS

MSS Mission Support System is an open source package designed for planning atmospheric research flights. In file: index.py, there is a method that is vulnerable to path manipulation attack. By modifying file paths, an attacker can acquire sensitive information from different resources. The filena...

CVE-2024-25123

MSS (Mission Support System) contains a path manipulation vulnerability in mslib/index.py where the filename route parameter can include ../, enabling reading of files outside the intended directory. This affects MSS prior to version 8.3.3; upgrade to 8.3.3 to mitigate. The issue is caused by how...

Dulwich Arbitrary code execution via commit with directory path starting with .git

The buildindexfromtree function in index.py in Dulwich versions 0.9.9 and below allows remote attackers to execute arbitrary code via a commit with a directory path starting with .git/, which is not properly handled when checking out a working tree...

CVE-2014-9706

The buildindexfromtree function in index.py in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a commit with a directory path starting with .git/, which is not properly handled when checking out a working tree...

CVE-2014-9706

The buildindexfromtree function in index.py in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a commit with a directory path starting with .git/, which is not properly handled when checking out a working tree...

CVE-2014-9706

The CVE concerns Dulwich (Python Git implementation). The vulnerability exists in the function build_index_from_tree (index.py) in Dulwich versions prior to 0.9.9, where a commit with a directory path starting with .git/ is not handled correctly during checkout, allowing remote command execution....

CVE-2014-9706

The buildindexfromtree function in index.py in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a commit with a directory path starting with .git/, which is not properly handled when checking out a working tree...

UBUNTU-CVE-2014-5030

CUPS before 2.0 allows local users to read arbitrary files via a symlink attack on 1 index.html, 2 index.class, 3 index.pl, 4 index.php, 5 index.pyc, or 6 index.py...