21 matches found
EUVD-2022-51499
Malicious code in bioql PyPI...
EUVD-2024-16528
Malicious code in bioql PyPI...
CVE-2022-4136
Dangerous method exposed which can lead to RCE in qmpass/leadshop v1.4.15 allows an attacker to control the target host by calling any function in leadshop.php via the GET method...
CVE-2024-0739
A vulnerability, which was classified as critical, was found in Hecheng Leadshop up to 1.4.20. Affected is an unknown function of the file /web/leadshop.php. The manipulation of the argument install leads to deserialization. It is possible to launch the attack remotely. The exploit has been...
CVE-2024-0739
A vulnerability, which was classified as critical, was found in Hecheng Leadshop up to 1.4.20. Affected is an unknown function of the file /web/leadshop.php. The manipulation of the argument install leads to deserialization. It is possible to launch the attack remotely. The exploit has been...
CVE-2024-0739
A vulnerability, which was classified as critical, was found in Hecheng Leadshop up to 1.4.20. Affected is an unknown function of the file /web/leadshop.php. The manipulation of the argument install leads to deserialization. It is possible to launch the attack remotely. The exploit has been...
Deserialization of untrusted data
A vulnerability, which was classified as critical, was found in Hecheng Leadshop up to 1.4.20. Affected is an unknown function of the file /web/leadshop.php. The manipulation of the argument install leads to deserialization. It is possible to launch the attack remotely. The exploit has been...
CVE-2024-0739 Hecheng Leadshop leadshop.php deserialization
A vulnerability, which was classified as critical, was found in Hecheng Leadshop up to 1.4.20. Affected is an unknown function of the file /web/leadshop.php. The manipulation of the argument install leads to deserialization. It is possible to launch the attack remotely. The exploit has been...
CVE-2024-0739 Hecheng Leadshop leadshop.php deserialization
A vulnerability, which was classified as critical, was found in Hecheng Leadshop up to 1.4.20. Affected is an unknown function of the file /web/leadshop.php. The manipulation of the argument install leads to deserialization. It is possible to launch the attack remotely. The exploit has been...
CVE-2024-0739
The CVE describes a deserialization vulnerability in Hecheng Leadshop versions up to 1.4.20. The flaw resides in an unknown function of the file /web/leadshop.php, where manipulating the install argument enables remote code execution via deserialization. A public exploit has been disclosed. Connect...
PT-2024-15796 · Unknown · Hecheng Leadshop
Name of the Vulnerable Software and Affected Versions: Hecheng Leadshop versions up to 1.4.20 Description: A critical issue was found in Hecheng Leadshop, affecting an unknown function of the file /web/leadshop.php. The manipulation of the install argument leads to deserialization. It is possible...
Leadshop Code Issues Vulnerabilities
Leadshop is a free open source mall system that provides continuous update and iteration services, aiming to create the ultimate user experience! A code issue vulnerability exists in Hecheng Leadshop 1.4.20 and earlier versions, which stems from the parameter install in the file /web/leadshop.php...
CVE-2022-4136
Dangerous method exposed which can lead to RCE in qmpass/leadshop v1.4.15 allows an attacker to control the target host by calling any function in leadshop.php via the GET method...
Security feature bypass
Dangerous method exposed which can lead to RCE in qmpass/leadshop v1.4.15 allows an attacker to control the target host by calling any function in leadshop.php via the GET method...
CVE-2022-4136 Exposed Dangerous Method or Function in qmpaas/leadshop
Dangerous method exposed which can lead to RCE in qmpass/leadshop v1.4.15 allows an attacker to control the target host by calling any function in leadshop.php via the GET method...
Leadshop Security Vulnerability
Leadshop is a free open source mall system that provides continuous update and iteration services to create the ultimate user experience! A security vulnerability exists in Leadshop v1.4.15. An attacker can exploit this vulnerability to take control of the target host by calling any function in...
CVE-2022-4136 Exposed Dangerous Method or Function in qmpaas/leadshop
Dangerous method exposed which can lead to RCE in qmpass/leadshop v1.4.15 allows an attacker to control the target host by calling any function in leadshop.php via the GET method...
PT-2022-25826 · Unknown · Qmpass/Leadshop
Name of the Vulnerable Software and Affected Versions: qmpass/leadshop version 1.4.15 Description: The issue allows an attacker to control the target host by calling any function in leadshop.php via the GET method, potentially leading to remote code execution (RCE). This can enable an attacker to...
CVE-2022-4136
CVE-2022-4136 affects qmpass/leadshop v1.4.15. The vulnerability arises from leadshop.php using call_user_func_array with GET-supplied include, data, and meta, enabling an attacker to invoke arbitrary functions (e.g., HttpGet, ToMkdir, UpdateSql, DownloadFile, RemoveDir) and potentially execute c...
CVE-2022-4136 Exposed Dangerous Method or Function in qmpaas/leadshop
Dangerous method exposed which can lead to RCE in qmpass/leadshop v1.4.15 allows an attacker to control the target host by calling any function in leadshop.php via the GET method...