11 matches found
EUVD-2022-53480
Malicious code in bioql PyPI...
CVE-2025-34047
A path traversal vulnerability exists in the Leadsec SSL VPN formerly Lenovo NetGuard, allowing unauthenticated attackers to read arbitrary files on the underlying system via the ostype parameter in the /vpn/user/download/client endpoint. This flaw arises from insufficient input sanitation,...
CVE-2022-32285
A vulnerability has been identified in Mendix SAML Module Mendix 7 compatible All versions V1.16.6, Mendix SAML Module Mendix 8 compatible All versions V2.2.2, Mendix SAML Module Mendix 9 compatible All versions V3.2.3. The affected module is vulnerable to XML External Entity XXE attacks due to...
CVE-2020-7862
A vulnerability in agent program of HelpU remote control solution could allow an authenticated remote attacker to execute arbitrary commands This vulnerability is due to insufficient input santization when communicating customer process...
GetSimple CMS <= 3.3.16 RCE Vulnerability
GetSimple CMS is prone to a remote code execution RCE vulnerability. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
eNpaper1 - Root_Header.php Remote File Inclusion
eNpaper1 - RootHeader.php Remote File Inclusion source: https://www.securityfocus.com/bid/18649/info eNpaper1 is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input to the application. An attacker may leverage this issue to have an arbitrary remo...
[Full-disclosure] Advisories for 4 vulnerabilities addressed by Apple SU 2005-005
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I have published advisories for 4 security vulnerabilities in Mac OS X that were addressed by Apple Security Update 2005-005, released today. http://docs.info.apple.com/article.html?artnum=301528. This email contains brief summaries of the problems...
eCommerce Corporation Online Store Kit 3.0 - listing.php?id SQL Injection
eCommerce Corporation Online Store Kit 3.0 - listing.php?id SQL Injection source: https://www.securityfocus.com/bid/9687/info It has been reported that Online Store Kit is prone to multiple SQL injection vulnerabilities. These issues arise due to insufficient sanitation of user-supplied input via...
eCommerce Corporation Online Store Kit 3.0 - shop.php?cat SQL Injection
eCommerce Corporation Online Store Kit 3.0 - shop.php?cat SQL Injection source: https://www.securityfocus.com/bid/9687/info It has been reported that Online Store Kit is prone to multiple SQL injection vulnerabilities. These issues arise due to insufficient sanitation of user-supplied input via t...
eCommerce Corporation Online Store Kit 3.0 - 'shop.php?cat' SQL Injection
source: https://www.securityfocus.com/bid/9687/info It has been reported that Online Store Kit is prone to multiple SQL injection vulnerabilities. These issues arise due to insufficient sanitation of user-supplied input via the URI. As a result of this a malicious user may influence database...
eCommerce Corporation Online Store Kit 3.0 - 'listing.php?id' SQL Injection
source: https://www.securityfocus.com/bid/9687/info It has been reported that Online Store Kit is prone to multiple SQL injection vulnerabilities. These issues arise due to insufficient sanitation of user-supplied input via the URI. As a result of this a malicious user may influence database...