16 matches found
EUVD-2023-37572
Malicious code in bioql PyPI...
EUVD-2023-37571
Malicious code in bioql PyPI...
CVE-2023-33409
Minical 1.0.0 is vulnerable to Cross Site Request Forgery CSRF via minical/public/application/controllers/settings/company.php...
CVE-2023-33408
Minical 1.0.0 is vulnerable to Cross Site Scripting XSS. The vulnerability exists due to insufficient input validation in the application's user input handling in the securityhelper.php file...
CVE-2023-3307
CVE-2023-3307 affects miniCal 1.0.0 with a SQL injection vulnerability in the /booking/show_bookings/ endpoint via the search_query parameter. Multiple sources confirm remote exploitation chances and public disclosure. Root cause: lack of input validation on the search_query parameter leading to ...
CVE-2023-33409
Minical 1.0.0 is vulnerable to Cross Site Request Forgery CSRF via minical/public/application/controllers/settings/company.php...
CVE-2023-33408
Minical 1.0.0 is vulnerable to Cross Site Scripting XSS. The vulnerability exists due to insufficient input validation in the application's user input handling in the securityhelper.php file...
CVE-2023-33408
Minical 1.0.0 is vulnerable to Cross Site Scripting XSS. The vulnerability exists due to insufficient input validation in the application's user input handling in the securityhelper.php file...
CVE-2023-33409
Minical 1.0.0 is vulnerable to Cross Site Request Forgery CSRF via minical/public/application/controllers/settings/company.php...
CVE-2023-33409
Minical 1.0.0 is vulnerable to Cross Site Request Forgery CSRF via minical/public/application/controllers/settings/company.php...
Cross site request forgery (csrf)
Minical 1.0.0 is vulnerable to Cross Site Request Forgery CSRF via minical/public/application/controllers/settings/company.php...
Cross site scripting
Minical 1.0.0 is vulnerable to Cross Site Scripting XSS. The vulnerability exists due to insufficient input validation in the application's user input handling in the securityhelper.php file...
CVE-2023-33409
Minical 1.0.0 is vulnerable to Cross Site Request Forgery CSRF via minical/public/application/controllers/settings/company.php...
CVE-2023-33408
Minical 1.0.0 is vulnerable to Cross Site Scripting XSS. The vulnerability exists due to insufficient input validation in the application's user input handling in the securityhelper.php file...
CVE-2023-33409
Minical 1.0.0 is vulnerable to Cross Site Request Forgery CSRF via minical/public/application/controllers/settings/company.php...
PT-2023-24335 · Minical · Minical
Name of the Vulnerable Software and Affected Versions: Minical version 1.0.0 Description: The issue is related to Cross Site Request Forgery CSRF via the minical/public/application/controllers/settings/company.php file. This means an attacker could potentially trick a user into performing...