27 matches found
CVE-2026-3958
A vulnerability has been found in Woahai321 ListSync up to 0.6.6. This issue affects the function requests.post of the file list-sync-main/apiserver.py of the component JSON Handler. The manipulation leads to server-side request forgery. The attack is possible to be carried out remotely. The...
CVE-2026-3958 Woahai321 ListSync JSON api_server.py requests.post server-side request forgery
A vulnerability has been found in Woahai321 ListSync up to 0.6.6. This issue affects the function requests.post of the file list-sync-main/apiserver.py of the component JSON Handler. The manipulation leads to server-side request forgery. The attack is possible to be carried out remotely. The...
PT-2026-24858
A vulnerability has been found in Woahai321 ListSync up to 0.6.6. This issue affects the function requests.post of the file list-sync-main/api server.py of the component JSON Handler. The manipulation leads to server-side request forgery. The attack is possible to be carried out remotely. The...
EUVD-2019-19077
Malware in sbrugna...
EUVD-2025-10063
Malicious code in bioql PyPI...
EUVD-2022-7747
Malicious code in bioql PyPI...
CVE-2022-4348
A vulnerability was found in yproject RuoYi-Cloud. It has been rated as problematic. Affected by this issue is some unknown functionality of the component JSON Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the publi...
CVE-2025-3387
A vulnerability classified as problematic has been found in renrenio renren-security up to 5.4.0. This affects an unknown part of the component JSON Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the publi...
CVE-2025-3387
A vulnerability classified as problematic has been found in renrenio renren-security up to 5.4.0. This affects an unknown part of the component JSON Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the publi...
CVE-2025-3387
A vulnerability classified as problematic has been found in renrenio renren-security up to 5.4.0. This affects an unknown part of the component JSON Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the publi...
CVE-2025-3387 renrenio renren-security JSON cross site scripting
A vulnerability classified as problematic has been found in renrenio renren-security up to 5.4.0. This affects an unknown part of the component JSON Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the publi...
CVE-2025-3387
The CVE-2025-3387 issue affects renrenio renren-security up to version 5.4.0, specifically the JSON Handler component. Root cause is a cross-site scripting vulnerability in the JSON Handler that can be triggered remotely. Publicly disclosed exploit details exist, and the impact is limited to the ...
PT-2025-15306 · Renrenio · Renren-Security
Name of the Vulnerable Software and Affected Versions: renrenio renren-security versions up to 5.4.0 Description: A vulnerability has been found in renrenio renren-security, affecting an unknown part of the JSON Handler component. The manipulation leads to cross-site scripting attacks, which can ...
renren-security 代码注入漏洞
renren-security is a lightweight, front-end and back-end separated Java rapid development platform open source by renrenio. A code injection vulnerability exists in renren-security version 5.4.0 and earlier, which stems from cross-site scripting in JSON Handler...
RuoYi-Cloud Cross-site Scripting vulnerability
A vulnerability was found in yproject RuoYi-Cloud. It has been rated as problematic. Affected by this issue is some unknown functionality of the component JSON Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the publi...
GHSA-VP22-232W-H9X8 RuoYi-Cloud Cross-site Scripting vulnerability
A vulnerability was found in yproject RuoYi-Cloud. It has been rated as problematic. Affected by this issue is some unknown functionality of the component JSON Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the publi...
Cross site scripting
A vulnerability was found in yproject RuoYi-Cloud. It has been rated as problematic. Affected by this issue is some unknown functionality of the component JSON Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the publi...
RuoYi 安全漏洞
RuoYi is a backend management system by the individual developer RuoYi in China. A security vulnerability exists in RuoYi, which stems from some unknown functions in its JSON Handler component that allow an attacker to implement cross-site scripting. The attack method has been made public and can...
CVE-2022-4348 y_project RuoYi-Cloud JSON cross site scripting
A vulnerability was found in yproject RuoYi-Cloud. It has been rated as problematic. Affected by this issue is some unknown functionality of the component JSON Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the publi...
PT-2022-26934 · Y · Ruoyi-Cloud
Name of the Vulnerable Software and Affected Versions: y project RuoYi-Cloud affected versions not specified Description: A vulnerability was found in the JSON Handler component of y project RuoYi-Cloud, which can be exploited to lead to cross site scripting. The attack may be launched remotely...