Lucene search
K

10 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-35888

Malicious code in bioql PyPI...

4.3CVSS6.6AI score0.00296EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-41360

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00537EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/07/14 12:0 a.m.3 views

PT-2025-29510 · Unknown · Metersphere

Name of the Vulnerable Software and Affected Versions: MeterSphere versions prior to 3.6.5-lts Description: MeterSphere, a continuous testing platform, contains a flaw due to improper validation or sanitization of the sortField parameter in specific API endpoints. This allows attackers to inject...

7.2CVSS7.4AI score0.00357EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/23 3:43 a.m.5 views

CVE-2023-30550

MeterSphere is an open source continuous testing platform, covering functions such as test tracking, interface testing, UI testing, and performance testing. This IDOR vulnerability allows the administrator of a project to modify other projects under the workspace. An attacker can obtain some...

6.8CVSS6.6AI score0.0067EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:41 a.m.10 views

CVE-2023-29944

Metersphere v1.20.20-lts-79d354a6 is vulnerable to Remote Command Execution. The system command reverse-shell can be executed at the custom code snippet function of the metersphere system workbench...

9.8CVSS7.3AI score0.02083EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:26 a.m.7 views

CVE-2023-25814

metersphere is an open source continuous testing platform. In versions prior to 2.7.1 a user who has permission to create a resource file through UI operations is able to append a path to their submission query which will be read by the system and displayed to the user. This allows a users of the...

7.1CVSS6.7AI score0.00858EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/05 11:17 p.m.12 views

CVE-2022-23544

MeterSphere is a one-stop open source continuous testing platform, covering test management, interface testing, UI testing and performance testing. Versions prior to 2.5.0 are subject to a Server-Side Request Forgery that leads to Cross-Site Scripting. A Server-Side request forgery in...

7.2CVSS6.8AI score0.01607EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/05/30 12:0 a.m.4 views

MeterSphere 安全漏洞

MeterSphere is MeterSphere's open source one-stop open source continuous testing platform. A security vulnerability exists in versions prior to MeterSphere 2.10.15-lts that stems from allowing users without workspace privileges to view functional test cases in other workspaces that exceed their...

4.3CVSS6.7AI score0.00296EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/07/06 12:0 a.m.3 views

Metersphere 安全漏洞

MeterSphere is MeterSphere's open source one-stop open source continuous testing platform. A security vulnerability exists in Metersphere versions prior to 2.10.2 LTS, which stems from a lack of permission checking in certain critical APIs, allowing normal users to use the APIs of high-privileged...

8.8CVSS7.9AI score0.00589EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2022/12/14 1:9 p.m.4 views

CVE-2022-23512 Metersphere is vulnerable to Path Injection.

MeterSphere is a one-stop open source continuous testing platform. Versions prior to 2.4.1 are vulnerable to Path Injection in ApiTestCaseService::deleteBodyFiles which takes a user-controlled string id and passes it to ApiTestCaseService, which uses the user-provided value testId in new...

7.7CVSS7.4AI score0.00827EPSS
Exploits1References1
Rows per page
Query Builder