19 matches found
EUVD-2025-15768
Malicious code in bioql PyPI...
EUVD-2025-15770
Malicious code in bioql PyPI...
EUVD-2025-15767
Malicious code in bioql PyPI...
CVE-2025-39392
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mojoomla WPAMS apartment-management allows Reflected XSS.This issue affects WPAMS: from n/a through = 44.0 17-08-2023...
CVE-2025-39406
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in mojoomla WPAMS apartment-management allows PHP Local File Inclusion.This issue affects WPAMS: from n/a through = 44.0...
CVE-2025-39395
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in mojoomla WPAMS apartment-management allows SQL Injection.This issue affects WPAMS: from n/a through = 44.0 17-08-2023...
CVE-2025-39403
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in mojoomla WPAMS apartment-management allows SQL Injection.This issue affects WPAMS: from n/a through = 44.0 17-08-2023...
CVE-2025-39401
Unrestricted Upload of File with Dangerous Type vulnerability in mojoomla WPAMS apartment-management allows Upload a Web Shell to a Web Server.This issue affects WPAMS: from n/a through = 44.0 17-08-2023...
CVE-2025-39395
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in mojoomla WPAMS apartment-management allows SQL Injection.This issue affects WPAMS: from n/a through = 44.0 17-08-2023...
CVE-2025-39392
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mojoomla WPAMS apartment-management allows Reflected XSS.This issue affects WPAMS: from n/a through = 44.0 17-08-2023...
CVE-2025-39392 WordPress WPAMS plugin <= 44.0 (17-08-2023) - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mojoomla WPAMS apartment-management allows Reflected XSS.This issue affects WPAMS: from n/a through = 44.0 17-08-2023...
CVE-2025-39401 WordPress WPAMS plugin <= 44.0 (17-08-2023) - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in mojoomla WPAMS apartment-management allows Upload a Web Shell to a Web Server.This issue affects WPAMS: from n/a through = 44.0 17-08-2023...
CVE-2025-39402 WordPress WPAMS plugin <= 44.0 (17-08-2023) - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in mojoomla WPAMS allows Upload a Web Shell to a Web Server.This issue affects WPAMS: from n/a through 44.0 17-08-2023...
CVE-2025-39406
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in mojoomla WPAMS apartment-management allows PHP Local File Inclusion.This issue affects WPAMS: from n/a through = 44.0...
CVE-2025-39403
CVE-2025-39403 is an unauthenticated SQL Injection vulnerability in the WordPress WPAMS (Apartment Management System) plugin, affecting versioned releases up to 44.0 (as of 17-08-2023). The root cause is improper neutralization of special elements in SQL commands, enabling attackers to exploit th...
CVE-2025-39406
CVE-2025-39406 : WordPress WPAMS plugin prior to or at version 44.0 is affected by a Local File Inclusion due to improper control of the filename in include/require statements. The issue enables PHP Local File Inclusion and is described as enabling privilege escalation within WPAMS. Affected soft...
PT-2025-22106 · Mojoomla · Mojoomla Wpams
Name of the Vulnerable Software and Affected Versions: mojoomla WPAMS versions n/a through 44.0 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks. Recommendations: Fo...
PT-2025-22107
Name of the Vulnerable Software and Affected Versions: mojoomla WPAMS versions prior to 44.0 Description: The issue allows for the unrestricted upload of files with dangerous types, enabling an attacker to upload a web shell to a web server. This can lead to further exploitation and potential...
PT-2025-22075 · Mojoomla · Wpams
Name of the Vulnerable Software and Affected Versions: mojoomla WPAMS versions prior to 44.0 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks. Recommendations: For...