86 matches found
EUVD-2024-17321
Malicious code in bioql PyPI...
EUVD-2024-47301
Malicious code in bioql PyPI...
EUVD-2024-17394
Malicious code in bioql PyPI...
EUVD-2025-27942
Malicious code in bioql PyPI...
EUVD-2024-48011
Malicious code in bioql PyPI...
EUVD-2024-47607
Malicious code in bioql PyPI...
EUVD-2023-57694
Malicious code in bioql PyPI...
EUVD-2024-48014
Malicious code in bioql PyPI...
EUVD-2025-27941
Malicious code in bioql PyPI...
EUVD-2024-17320
Malicious code in bioql PyPI...
CVE-2025-3895
Tokens used for resetting passwords in MegaBIP software are generated using a small space of random values combined with a queryable value. This allows an unauthenticated attacker who knows user login names to brute-force these tokens and change account passwords, including those belonging to...
CVE-2025-3894
The text editor embedded in MegaBIP software does not neutralize user input, allowing Stored XSS attacks on other users. High privileges are required to use the editor. Version 5.20 of MegaBIP fixes this issue...
CVE-2025-3893
While editing pages managed by MegaBIP, a user with high privileges is prompted to give a reason for performing this action. Input provided by the user is not sanitized, leading to an SQL Injection vulnerability. Version 5.20 of MegaBIP fixes this issue...
CVE-2025-3894
The text editor embedded in MegaBIP software does not neutralize user input, allowing Stored XSS attacks on other users. High privileges are required to use the editor. Version 5.20 of MegaBIP fixes this issue...
CVE-2025-3895
Tokens used for resetting passwords in MegaBIP software are generated using a small space of random values combined with a queryable value. This allows an unauthenticated attacker who knows user login names to brute-force these tokens and change account passwords, including those belonging to...
CVE-2025-3893
While editing pages managed by MegaBIP, a user with high privileges is prompted to give a reason for performing this action. Input provided by the user is not sanitized, leading to an SQL Injection vulnerability. Version 5.20 of MegaBIP fixes this issue...
CVE-2025-3895 Low token entropy in MegaBIP
Tokens used for resetting passwords in MegaBIP software are generated using a small space of random values combined with a queryable value. This allows an unauthenticated attacker who knows user login names to brute-force these tokens and change account passwords, including those belonging to...
CVE-2025-3894
CVE-2025-3894 concerns MegaBIP: the text editor embedded in MegaBIP does not neutralize user input, enabling Stored XSS attacks across users. The issue requires high privileges to use the editor, with impact limited to if exploited in authenticated contexts as described; affected version detected...
CVE-2025-3894 Stored XSS in MegaBIP
The text editor embedded in MegaBIP software does not neutralize user input, allowing Stored XSS attacks on other users. High privileges are required to use the editor. Version 5.20 of MegaBIP fixes this issue...
CVE-2025-3895 Low token entropy in MegaBIP
Tokens used for resetting passwords in MegaBIP software are generated using a small space of random values combined with a queryable value. This allows an unauthenticated attacker who knows user login names to brute-force these tokens and change account passwords, including those belonging to...