EUVD-2025-3365

Malicious code in bioql PyPI...

CVE-2015-10077

A vulnerability was found in webbuilders-group silverstripe-kapost-bridge 0.3.3. It has been declared as critical. Affected by this vulnerability is the function index/getPreview of the file code/control/KapostService.php. The manipulation leads to sql injection. The attack can be launched...

CVE-2025-23712

Cross-Site Request Forgery CSRF vulnerability in kapostintegrations Kapost kapost-byline allows Stored XSS.This issue affects Kapost: from n/a through = 2.2.9...

CVE-2025-23712

Cross-Site Request Forgery CSRF vulnerability in kapostintegrations Kapost kapost-byline allows Stored XSS.This issue affects Kapost: from n/a through = 2.2.9...

CVE-2025-23712

Cross-Site Request Forgery CSRF vulnerability in kapostintegrations Kapost kapost-byline allows Stored XSS.This issue affects Kapost: from n/a through = 2.2.9...

CVE-2025-23712 WordPress Kapost plugin <= 2.2.9 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in kapostintegrations Kapost kapost-byline allows Stored XSS.This issue affects Kapost: from n/a through = 2.2.9...

CVE-2025-23712

CVE-2025-23712 applies to Kapost (WordPress plugin) and describes a Cross-Site Request Forgery (CSRF) vulnerability that can lead to Stored Cross-Site Scripting (XSS). The entry indicates affected software Kapost from n/a up to version 2.2.9. The connected Red Hat advisory also references the sam...

WordPress Kapost plugin <= 2.2.9 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by SOPROBRO in WordPress Plugin Kapost versions = 2.2.9...

PT-2025-5044 · Kapost · Kapost

Name of the Vulnerable Software and Affected Versions: Kapost versions n/a through 2.2.9 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that also allows Stored XSS. This means an attacker can perform actions on behalf of a user without their knowledge and can also injec...

WordPress plugin Kapost 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site reques...

SQL Injection

webbuilders-group/silverstripe-kapost-bridge is vulnerable to SQL Injection. The vulnerability exists due to the improper sanitization in the database and table name designer feature allowing an attacker to submit arbitrary SQL query’s, resulting in Information Disclosure...

GHSA-32GR-X76G-267W SQL injection in webbuilders-group silverstripe-kapost-bridge

A vulnerability was found in webbuilders-group silverstripe-kapost-bridge 0.3.3. It has been declared as critical. Affected by this vulnerability is the function index/getPreview of the file code/control/KapostService.php. The manipulation leads to sql injection. The attack can be launched...

SQL injection in webbuilders-group silverstripe-kapost-bridge

A vulnerability was found in webbuilders-group silverstripe-kapost-bridge 0.3.3. It has been declared as critical. Affected by this vulnerability is the function index/getPreview of the file code/control/KapostService.php. The manipulation leads to sql injection. The attack can be launched...

CVE-2015-10077

A vulnerability was found in webbuilders-group silverstripe-kapost-bridge 0.3.3. It has been declared as critical. Affected by this vulnerability is the function index/getPreview of the file code/control/KapostService.php. The manipulation leads to sql injection. The attack can be launched...

Sql injection

A vulnerability was found in webbuilders-group silverstripe-kapost-bridge 0.3.3. It has been declared as critical. Affected by this vulnerability is the function index/getPreview of the file code/control/KapostService.php. The manipulation leads to sql injection. The attack can be launched...

CVE-2015-10077 webbuilders-group silverstripe-kapost-bridge KapostService.php getPreview sql injection

A vulnerability was found in webbuilders-group silverstripe-kapost-bridge 0.3.3. It has been declared as critical. Affected by this vulnerability is the function index/getPreview of the file code/control/KapostService.php. The manipulation leads to sql injection. The attack can be launched...

CVE-2015-10077 webbuilders-group silverstripe-kapost-bridge KapostService.php getPreview sql injection

A vulnerability was found in webbuilders-group silverstripe-kapost-bridge 0.3.3. It has been declared as critical. Affected by this vulnerability is the function index/getPreview of the file code/control/KapostService.php. The manipulation leads to sql injection. The attack can be launched...

CVE-2015-10077

CVE-2015-10077 affects webbuilders-group silverstripe-kapost-bridge 0.3.3. The vulnerability is in KapostService.php (index/getPreview) and enables SQL injection via insufficient input sanitization. Remote attacker could exploit it; upgrade to 0.4.0 is recommended. Patch 2e14b0fd0ea35034f90890f36...

webbuilders-group silverstripe-kapost-bridge SQL注入漏洞

Webbuilders Group silverstripe-kapost-bridge is a Webbuilders Group company that provides a flexible api to allow custom content types. A SQL injection vulnerability exists in webbuilders-group silverstripe-kapost-bridge version 0.3.3. An attacker can exploit this vulnerability to perform a sql...

PT-2023-10256 · Webbuilders · Silverstripe-Kapost-Bridge

Name of the Vulnerable Software and Affected Versions: webbuilders-group silverstripe-kapost-bridge version 0.3.3 Description: A critical issue has been found, affecting the index/getPreview function of the file code/control/KapostService.php. This issue leads to sql injection and can be launched...