EUVD-2018-21512

Malware in sbrugna...

EUVD-2025-7826

Malicious code in bioql PyPI...

CVE-2025-27926

In Nintex Automation 5.6 and 5.7 before 5.8, the K2 SmartForms Designer folder has configuration files web.config containing passwords that are readable by unauthorized users...

CVE-2025-27926

In Nintex Automation 5.6 and 5.7 before 5.8, the K2 SmartForms Designer folder has configuration files web.config containing passwords that are readable by unauthorized users...

CVE-2025-27926

In Nintex Automation 5.6 and 5.7 before 5.8, the K2 SmartForms Designer folder has configuration files web.config containing passwords that are readable by unauthorized users...

Nintex Automation 安全漏洞

Nintex Automation is a workflow automation software from Nintex. A security vulnerability exists in Nintex Automation versions prior to 5.8, which originates from a configuration file in the K2 SmartForms Designer folder that contains a password that can be read by an unauthorized user...

PT-2025-10645

Name of the Vulnerable Software and Affected Versions Nintex Automation versions 5.6 through 5.7 Description The issue concerns configuration files in the K2 SmartForms Designer folder that contain passwords readable by unauthorized users. Recommendations For Nintex Automation versions 5.6 throug...

CVE-2025-27926

In Nintex Automation 5.6 and 5.7 before 5.8, the K2 SmartForms Designer folder has configuration files web.config containing passwords that are readable by unauthorized users...

K2 smartforms server-side request forgery vulnerability

K2 smartforms is the United States K2 company's a browser-based smart form adding tools. A server-side request forgery vulnerability exists in the runtime application in K2 smartforms version 4.6.11. An attacker can exploit this vulnerability by modifying the hostname in the...

CVE-2018-9920

Server side request forgery exists in the runtime application in K2 smartforms 4.6.11 via a modified hostname in an https:///Identity/STS/Forms/Scripts URL...

CVE-2018-9920

Server side request forgery exists in the runtime application in K2 smartforms 4.6.11 via a modified hostname in an https:///Identity/STS/Forms/Scripts URL...

Server side request forgery (ssrf)

Server side request forgery exists in the runtime application in K2 smartforms 4.6.11 via a modified hostname in an https:///Identity/STS/Forms/Scripts URL...

CVE-2018-9920

Server side request forgery exists in the runtime application in K2 smartforms 4.6.11 via a modified hostname in an https:///Identity/STS/Forms/Scripts URL...

CVE-2018-9920

K2 Smartforms 4.6.11 is affected by a server-side request forgery (SSRF) vulnerability. The issue arises in the runtime application when a modified hostname in the URL https://*/Identity/STS/Forms/Scripts allows an attacker to redirect the application to an external domain, manipulating data rend...

K2 Smartforms 4.6.11 Server-Side Request Forgery

Vulnerability type: Server Side Request Forgery Vendor: https://www.k2.com/ Product: K2 Smartforms Affected version: 4.6.11 Credit: Foo Jong Meng CVE ID: CVE-2018-9920 DESCRIPTION: Server side request forgery exists in the runtime application in K2 smartforms 4.6.11 via a modified hostname in an...

K2 SmartForms / BlackPearl SQL Injection

Title: Boolean-based SQL injection Vulnerability in K2 Platforms. Author: Wissam Bashour - Help AG Middle East Vendor: K2 Product: SmartForms, BlackPearl, K2 for sharepoint Version: 4.6.7 Tested Version: Version 4.6.7 Severity: HIGH CVE Reference: CVE-2015-7299 About the Product: K2 smartforms ca...