21 matches found
EUVD-2024-35306
Malicious code in bioql PyPI...
EUVD-2024-1660
Malicious code in bioql PyPI...
CVE-2024-35373
Mocodo Mocodo Online 4.2.6 and below is vulnerable to Remote Code Execution via /web/rewrite.php...
CVE-2024-35374
Mocodo Mocodo Online 4.2.6 and below does not properly sanitize the sqlcase input field in /web/generate.php, allowing remote attackers to execute arbitrary commands and potentially command injection, leading to remote code execution RCE under certain conditions...
GHSA-J6CV-98JX-MRWR Mocodo vulnerable to SQL injection in `/web/generate.php`
Mocodo Mocodo Online 4.2.6 and below does not properly sanitize the sqlcase input field in /web/generate.php, allowing remote attackers to execute arbitrary SQL commands and potentially command injection, leading to remote code execution RCE under certain conditions...
Mocodo vulnerable to SQL injection in `/web/generate.php`
Mocodo Mocodo Online 4.2.6 and below does not properly sanitize the sqlcase input field in /web/generate.php, allowing remote attackers to execute arbitrary SQL commands and potentially command injection, leading to remote code execution RCE under certain conditions...
Remote Code Execution (RCE)
mocodo is vulnerable to Remote Code Execution. The vulnerability is due to improper input validation at /web/rewrite.php, which allows an attacker to inject and execute arbitrary code...
CVE-2024-35373
Mocodo Mocodo Online 4.2.6 and below is vulnerable to Remote Code Execution via /web/rewrite.php...
CVE-2024-35374
Mocodo Mocodo Online 4.2.6 and below does not properly sanitize the sqlcase input field in /web/generate.php, allowing remote attackers to execute arbitrary commands and potentially command injection, leading to remote code execution RCE under certain conditions...
CVE-2024-35374
Mocodo Mocodo Online 4.2.6 and below does not properly sanitize the sqlcase input field in /web/generate.php, allowing remote attackers to execute arbitrary commands and potentially command injection, leading to remote code execution RCE under certain conditions...
CVE-2024-35373
Mocodo Mocodo Online 4.2.6 and below is vulnerable to Remote Code Execution via /web/rewrite.php...
CVE-2024-35374
Mocodo Mocodo Online 4.2.6 and below does not properly sanitize the sqlcase input field in /web/generate.php, allowing remote attackers to execute arbitrary commands and potentially command injection, leading to remote code execution RCE under certain conditions...
CVE-2024-35374
Mocodo Mocodo Online 4.2.6 and below does not properly sanitize the sqlcase input field in /web/generate.php, allowing remote attackers to execute arbitrary commands and potentially command injection, leading to remote code execution RCE under certain conditions...
CVE-2024-35374
CVE-2024-35374 affects Mocodo Online 4.2.6 and earlier, where the sql_case input field in /web/generate.php is not sanitized properly. This allows remote attackers to execute arbitrary commands, potentially leading to remote code execution (RCE) under certain conditions. Exploitation and impact a...
CVE-2024-35373
Mocodo Mocodo Online 4.2.6 and below is vulnerable to Remote Code Execution via /web/rewrite.php...
CVE-2024-35373
Mocodo Mocodo Online 4.2.6 and below is vulnerable to Remote Code Execution via /web/rewrite.php...
CVE-2024-35373
CVE-2024-35373 affects Mocodo Mocodo Online 4.2.6 and earlier. The vulnerability is a Remote Code Execution flaw exploitable via the /web/rewrite.php endpoint, attributed to improper input handling/validation per sources in the connected documents. CVSSv3.1 base score is 9.8 (CRITICAL) with netwo...
PT-2024-26467
Name of the Vulnerable Software and Affected Versions Mocodo Mocodo Online versions 4.2.6 and below Description The issue arises from improper sanitization of the sql case input field in the /web/generate.php endpoint, allowing remote attackers to execute arbitrary SQL commands and potentially...
PT-2024-26466 · Mocodo · Mocodo Online
Name of the Vulnerable Software and Affected Versions: Mocodo Mocodo Online versions 4.2.6 and below Description: The issue allows for Remote Code Execution via the "/web/rewrite.php" API endpoint. Recommendations: For versions 4.2.6 and below, as a temporary workaround, consider restricting acce...
Mocodo 安全漏洞
Mocodo is an open source software from Mocodo to help teach and learn about the fundamentals of knowledge. A security vulnerability exists in Mocodo 4.2.6 and earlier versions that stems from vulnerability to remote code execution via /web/rewrite.php...