EUVD-2022-50621

Malicious code in bioql PyPI...

EUVD-2022-50623

Malicious code in bioql PyPI...

EUVD-2022-50622

Malicious code in bioql PyPI...

EUVD-2022-50616

Malicious code in bioql PyPI...

EUVD-2022-50619

Malicious code in bioql PyPI...

EUVD-2022-50618

Malicious code in bioql PyPI...

EUVD-2022-50617

Malicious code in bioql PyPI...

EUVD-2022-52121

Malicious code in bioql PyPI...

CVE-2022-47865

Lead Management System v1.0 is vulnerable to SQL Injection via the id parameter in removeOrder.php...

CVE-2022-47864

Lead Management System v1.0 is vulnerable to SQL Injection via the id parameter in removeCategories.php...

CVE-2022-47862

Lead Management System v1.0 is vulnerable to SQL Injection via the customerid parameter in ajaxrepresent.php...

CVE-2022-47860

Lead Management System v1.0 is vulnerable to SQL Injection via the id parameter in removeProduct.php...

CVE-2022-47861

Lead Management System v1.0 is vulnerable to SQL Injection via the id parameter in removeLead.php...

CVE-2022-47859

Lead Management System v1.0 is vulnerable to SQL Injection via the userid parameter in changePassword.php...

CVE-2022-47866

Lead management system v1.0 is vulnerable to SQL Injection via the id parameter in removeBrand.php...

WordPress plugin CRM and Lead Management by vcita 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPre...

CVE-2024-13703

The CRM and Lead Management by vcita plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the vcitaajaxtoggleae function in all versions up to, and including, 2.7.1. This makes it possible for authenticated attackers, with Subscriber-level...

WordPress CRM and Lead Management by vcita plugin <= 2.7.1 - Missing Authorization to Authenticated (Susbcriber+) Widget Toggle vulnerability

Missing Authorization to Authenticated Susbcriber+ Widget Toggle vulnerability discovered by yudha in WordPress Plugin CRM and Lead Management by vcita versions = 2.7.5...

CVE-2022-4855

A vulnerability, which was classified as critical, was found in SourceCodester Lead Management System 1.0. Affected is an unknown function of the file login.php. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

WordPress CRM and Lead Management by vcita Plugin <= 2.6.2 is vulnerable to Cross Site Scripting (XSS)

Software CRM and Lead Management by vcita Type Plugin Vulnerable versions = 2.6.2 Fixed in 2.7.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2404 Patch priority Medium CVSS severity Medium 6.4 Developer Claim ownership PSID 13e385882b8d Credits...