EUVD-2024-16766

Malicious code in bioql PyPI...

EUVD-2024-16764

Malicious code in bioql PyPI...

CVE-2024-0988

A vulnerability classified as critical was found in Sichuan Yougou Technology KuERP up to 1.0.4. Affected by this vulnerability is the function checklogin of the file /application/index/common.php. The manipulation of the argument AppUserid/AppuserToken leads to improper authentication. The explo...

CVE-2024-0989

A vulnerability, which was classified as problematic, has been found in Sichuan Yougou Technology KuERP up to 1.0.4. Affected by this issue is the function delsndb of the file /application/index/controller/Service.php. The manipulation of the argument file leads to path traversal: '../filedir'. T...

CVE-2024-0987

A vulnerability classified as critical has been found in Sichuan Yougou Technology KuERP up to 1.0.4. Affected is an unknown function of the file /runtime/log. The manipulation leads to improper output neutralization for logs. The exploit has been disclosed to the public and may be used. The...

CVE-2024-0989

A vulnerability, which was classified as problematic, has been found in Sichuan Yougou Technology KuERP up to 1.0.4. Affected by this issue is the function delsndb of the file /application/index/controller/Service.php. The manipulation of the argument file leads to path traversal: '../filedir'. T...

CVE-2024-0989

A vulnerability, which was classified as problematic, has been found in Sichuan Yougou Technology KuERP up to 1.0.4. Affected by this issue is the function delsndb of the file /application/index/controller/Service.php. The manipulation of the argument file leads to path traversal: '../filedir'. T...

Path traversal

A vulnerability, which was classified as problematic, has been found in Sichuan Yougou Technology KuERP up to 1.0.4. Affected by this issue is the function delsndb of the file /application/index/controller/Service.php. The manipulation of the argument file leads to path traversal: '../filedir'. T...

CVE-2024-0989

CVE-2024-0989 affects Sichuan Yougou Technology KuERP up to v1.0.4. The del_sn_db function in /application/index/controller/Service.php processes the file argument leading to path traversal (example '../filedir'). The exploit has been disclosed publicly. Impact per CVSSv3.1: Network, no user inte...

CVE-2024-0989 Sichuan Yougou Technology KuERP Service.php del_sn_db path traversal

A vulnerability, which was classified as problematic, has been found in Sichuan Yougou Technology KuERP up to 1.0.4. Affected by this issue is the function delsndb of the file /application/index/controller/Service.php. The manipulation of the argument file leads to path traversal: '../filedir'. T...

CVE-2024-0988

A vulnerability classified as critical was found in Sichuan Yougou Technology KuERP up to 1.0.4. Affected by this vulnerability is the function checklogin of the file /application/index/common.php. The manipulation of the argument AppUserid/AppuserToken leads to improper authentication. The explo...

CVE-2024-0987

A vulnerability classified as critical has been found in Sichuan Yougou Technology KuERP up to 1.0.4. Affected is an unknown function of the file /runtime/log. The manipulation leads to improper output neutralization for logs. The exploit has been disclosed to the public and may be used. The...

CVE-2024-0988

A vulnerability classified as critical was found in Sichuan Yougou Technology KuERP up to 1.0.4. Affected by this vulnerability is the function checklogin of the file /application/index/common.php. The manipulation of the argument AppUserid/AppuserToken leads to improper authentication. The explo...

Design/Logic Flaw

A vulnerability classified as critical has been found in Sichuan Yougou Technology KuERP up to 1.0.4. Affected is an unknown function of the file /runtime/log. The manipulation leads to improper output neutralization for logs. The exploit has been disclosed to the public and may be used. The...

Authentication flaw

A vulnerability classified as critical was found in Sichuan Yougou Technology KuERP up to 1.0.4. Affected by this vulnerability is the function checklogin of the file /application/index/common.php. The manipulation of the argument AppUserid/AppuserToken leads to improper authentication. The explo...

CVE-2024-0988 Sichuan Yougou Technology KuERP common.php checklogin improper authentication

A vulnerability classified as critical was found in Sichuan Yougou Technology KuERP up to 1.0.4. Affected by this vulnerability is the function checklogin of the file /application/index/common.php. The manipulation of the argument AppUserid/AppuserToken leads to improper authentication. The explo...

CVE-2024-0988

CVE-2024-0988 affects Sichuan Yougou Technology KuERP up to version 1.0.4. The vulnerability is in the function checklogin of the file /application/index/common.php, where manipulation of the arguments App_User_id / App_user_Token leads to improper authentication. The exploit has been disclosed p...

CVE-2024-0988 Sichuan Yougou Technology KuERP common.php checklogin improper authentication

A vulnerability classified as critical was found in Sichuan Yougou Technology KuERP up to 1.0.4. Affected by this vulnerability is the function checklogin of the file /application/index/common.php. The manipulation of the argument AppUserid/AppuserToken leads to improper authentication. The explo...

CVE-2024-0987

CVE-2024-0987 affects Sichuan Yougou Technology KuERP up to version 1.0.4. The vulnerability lies in an unknown function under the /runtime/log path, causing improper output neutralization for logs. The exploit has been disclosed publicly. Connected sources confirm the affected product and compon...

CVE-2024-0987 Sichuan Yougou Technology KuERP log neutralization for logs

A vulnerability classified as critical has been found in Sichuan Yougou Technology KuERP up to 1.0.4. Affected is an unknown function of the file /runtime/log. The manipulation leads to improper output neutralization for logs. The exploit has been disclosed to the public and may be used. The...