66 matches found
EUVD-2020-31218
Easy2Pilot 7 contains a cross-site request forgery vulnerability that allows attackers to add unauthorized user accounts by tricking authenticated administrators into visiting malicious pages. Attackers can craft HTML forms targeting the admin.php?action=adduser endpoint with POST requests...
CVE-2025-13064
A server-side injection was possible for a malicious admin to manipulate the application to include a malicious script which is executed by the server. This attack is only possible if the admin uses a client that have been tampered with...
CVE-2025-13064
A server-side injection was possible for a malicious admin to manipulate the application to include a malicious script which is executed by the server. This attack is only possible if the admin uses a client that have been tampered with...
CVE-2025-13064
A server-side injection was possible for a malicious admin to manipulate the application to include a malicious script which is executed by the server. This attack is only possible if the admin uses a client that have been tampered with...
CVE-2025-13064
A server-side injection was possible for a malicious admin to manipulate the application to include a malicious script which is executed by the server. This attack is only possible if the admin uses a client that have been tampered with...
CVE-2025-13064
A server-side injection was possible for a malicious admin to manipulate the application to include a malicious script which is executed by the server. This attack is only possible if the admin uses a client that have been tampered with...
CVE-2025-13064
A server-side injection was possible for a malicious admin to manipulate the application to include a malicious script which is executed by the server. This attack is only possible if the admin uses a client that have been tampered with...
CVE-2025-13064
Technical details about CVE-2025-13064 are not publicly available in the provided documents. Monitor for updates from vendors and security advisories.
PT-2026-7231
A server-side injection was possible for a malicious admin to manipulate the application to include a malicious script which is executed by the server. This attack is only possible if the admin uses a client that have been tampered with...
CVE-2019-12398
In Apache Airflow before 1.10.5 when running with the "classic" UI, a malicious admin user could edit the state of objects in the Airflow metadata database to execute arbitrary javascript on certain page views. The new "RBAC" UI is unaffected...
⚡ Weekly Recap: Fortinet Exploited, China's AI Hacks, PhaaS Empire Falls & More
This week showed just how fast things can go wrong when no one's watching. Some attacks were silent and sneaky. Others used tools we trust every day — like AI, VPNs, or app stores — to cause damage without setting off alarms. It's not just about hacking anymore. Criminals are building systems to...
EUVD-2017-5883
Malware in sbrugna...
EUVD-2021-22910
Malware in sbrugna...
EUVD-2019-0010
Malware in sbrugna...
EUVD-2019-0015
Malware in sbrugna...
EUVD-2019-0017
Malware in sbrugna...
EUVD-2021-1248
Malware in sbrugna...
EUVD-2023-52481
Malicious code in bioql PyPI...
EUVD-2022-49472
Malicious code in bioql PyPI...
EUVD-2023-52479
Malicious code in bioql PyPI...