14 matches found
EUVD-2023-35149
Malicious code in bioql PyPI...
EUVD-2023-23381
Malicious code in bioql PyPI...
EUVD-2023-35150
Malicious code in bioql PyPI...
EUVD-2023-23323
Malicious code in bioql PyPI...
CVE-2024-54996
MonicaHQ v4.1.2 was discovered to contain multiple authenticated Client-Side Injection vulnerabilities via the title and description parameters at /people/ID/reminders/create...
CVE-2023-30790
MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the people:id/relationships endpoint and firstname and lastname parameter...
CVE-2023-30789
MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the people:id/work endpoint and job and company parameter...
CVE-2023-30787
MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the people:id/introductions endpoint and firstmetadditionalinfo parameter...
CVE-2023-1094
MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the people:id/food endpoint and food parameter...
CVE-2024-54997
MonicaHQ v4.1.1 was discovered to contain an authenticated Client-Side Injection vulnerability via the entry text field at /journal/entries/ID/edit...
CVE-2024-54994
MonicaHQ v4.1.2 was discovered to contain multiple Client-Side Injection vulnerabilities via the firstname and lastname parameters in the Add a new relationship feature...
CVE-2023-1094
MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the people:id/food endpoint and food parameter...
CVE-2023-30788
MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the people/add endpoint and nickName, description, lastName, middleName and firstName parameter...
CVE-2023-30790
MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the people:id/relationships endpoint and firstname and lastname parameter...