28 matches found
EUVD-2023-59653
Malicious code in bioql PyPI...
EUVD-2023-46639
Malicious code in bioql PyPI...
EUVD-2023-46637
Malicious code in bioql PyPI...
CVE-2023-42180
An arbitrary file upload vulnerability in the /user/upload component of lenosp 1.0-1.2.0 allows attackers to execute html code via a crafted JPG file...
CVE-2023-42178
Lenosp 1.0.0-1.2.0 is vulnerable to SQL Injection via the log query module...
CVE-2023-7259 zzdevelop lenosp Adduser Page cross site scripting
DISPUTED A vulnerability was found in zzdevelop lenosp up to 20230831. It has been classified as problematic. This affects an unknown part of the component Adduser Page. The manipulation of the argument username with the input alert1 leads to cross site scripting. It is possible to initiate the...
CVE-2023-7259 zzdevelop lenosp Adduser Page cross site scripting
DISPUTED A vulnerability was found in zzdevelop lenosp up to 20230831. It has been classified as problematic. This affects an unknown part of the component Adduser Page. The manipulation of the argument username with the input alert1 leads to cross site scripting. It is possible to initiate the...
CVE-2023-7259
CVE-2023-7259 concerns zzdevelop lenosp, Adduser Page, where the username parameter can be manipulated to trigger cross-site scripting. Affected versions are stated as up to 20230831. Descriptions across sources indicate the vulnerability may be exploitable remotely and involve XSS in the Adduser...
lenosp cross-site scripting vulnerability
Lenosp is a Spring Boot 2.0 rapid development modular scaffolding organized by Zhengzhou Programmers zzdevelop in China. A cross-site scripting vulnerability exists in lenosp 20230831 and earlier versions, which stems from a cross-site scripting XSS vulnerability in the username parameter of the...
PT-2024-15256 · Zzdevelop · Lenosp
Name of the Vulnerable Software and Affected Versions: zzdevelop lenosp versions up to 20230831 Description: A disputed issue affects an unknown part of the Adduser Page component. The manipulation of the username argument with the input alert1 leads to cross-site scripting. This can be initiated...
CVE-2023-42180
An arbitrary file upload vulnerability in the /user/upload component of lenosp 1.0-1.2.0 allows attackers to execute html code via a crafted JPG file...
CVE-2023-42180
An arbitrary file upload vulnerability in the /user/upload component of lenosp 1.0-1.2.0 allows attackers to execute html code via a crafted JPG file...
CVE-2023-42178
Lenosp 1.0.0-1.2.0 is vulnerable to SQL Injection via the log query module...
CVE-2023-42178
Lenosp 1.0.0-1.2.0 is vulnerable to SQL Injection via the log query module...
CVE-2023-42178
Lenosp 1.0.0-1.2.0 is vulnerable to SQL Injection via the log query module...
CVE-2023-42180
An arbitrary file upload vulnerability in the /user/upload component of lenosp 1.0-1.2.0 allows attackers to execute html code via a crafted JPG file...
SQL injection
Lenosp 1.0.0-1.2.0 is vulnerable to SQL Injection via the log query module...
Privilege escalation
An arbitrary file upload vulnerability in the /user/upload component of lenosp 1.0-1.2.0 allows attackers to execute html code via a crafted JPG file...
CVE-2023-42180
An arbitrary file upload vulnerability in the /user/upload component of lenosp 1.0-1.2.0 allows attackers to execute html code via a crafted JPG file...
PT-2023-28285
Name of the Vulnerable Software and Affected Versions Lenosp versions 1.0.0 through 1.2.0 Description The issue concerns SQL Injection via the log query module. Recommendations For versions 1.0.0 through 1.2.0, consider restricting access to the log query module to minimize the risk of...