Lucene search
K

14 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-52723

Malicious code in bioql PyPI...

5.4CVSS6.5AI score0.00356EPSS
Exploits2References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-35151

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.0067EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/23 7:1 a.m.10 views

CVE-2024-54997

MonicaHQ v4.1.1 was discovered to contain an authenticated Client-Side Injection vulnerability via the entry text field at /journal/entries/ID/edit...

5.4CVSS7.4AI score0.00267EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:44 a.m.8 views

CVE-2023-30788

MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the people/add endpoint and nickName, description, lastName, middleName and firstName parameter...

5.4CVSS7.2AI score0.00643EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/01/13 12:0 a.m.6 views

CVE-2024-54999

MonicaHQ v4.1.2 was discovered to contain a Client-Side Injection vulnerability via the lastname parameter the General Information module...

6.6AI score0.00388EPSS
Exploits2References2
NVD
NVD
added 2025/01/10 9:15 p.m.10 views

CVE-2024-54998

MonicaHQ v4.1.2 was discovered to contain an authenticated Client-Side Injection vulnerability via the Reason parameter at /people/h:id/debts/create...

5.4CVSS0.00356EPSS
Exploits2References1
Cvelist
Cvelist
added 2025/01/10 12:0 a.m.14 views

CVE-2024-54998

MonicaHQ v4.1.2 was discovered to contain an authenticated Client-Side Injection vulnerability via the Reason parameter at /people/h:id/debts/create...

0.00356EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2025/01/10 12:0 a.m.5 views

PT-2025-3088

Name of the Vulnerable Software and Affected Versions MonicaHQ version 4.1.2 Description The issue is related to an authenticated Client-Side Injection vulnerability in MonicaHQ. This vulnerability can be exploited via the Reason parameter at the "/people/h:id/debts/create" API endpoint...

5.4CVSS5.9AI score0.00356EPSS
Exploits2References9
Vulnrichment
Vulnrichment
added 2025/01/10 12:0 a.m.10 views

CVE-2024-54997

MonicaHQ v4.1.1 was discovered to contain an authenticated Client-Side Injection vulnerability via the entry text field at /journal/entries/ID/edit...

7.5AI score0.00267EPSS
Exploits2References2
Vulnrichment
Vulnrichment
added 2025/01/10 12:0 a.m.10 views

CVE-2024-54998

MonicaHQ v4.1.2 was discovered to contain an authenticated Client-Side Injection vulnerability via the Reason parameter at /people/h:id/debts/create...

7.5AI score0.00356EPSS
Exploits2References2
CVE
CVE
added 2025/01/10 12:0 a.m.53 views

CVE-2024-54998

MonicaHQ v4.1.2 is affected by an authenticated Client-Side Injection vulnerability via the Reason parameter at the endpoint /people/h:[id]/debts/create. The issue is documented across multiple sources; the root cause is the insecure handling of the Reason parameter in this authenticated API path...

5.4CVSS7.7AI score0.00356EPSS
Exploits2References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/05/08 12:0 a.m.5 views

PT-2023-16703 · Monicahq · Monicahq

Name of the Vulnerable Software and Affected Versions: MonicaHQ version 4.0.0 Description: The issue allows an authenticated remote attacker to execute malicious code in the application via CSTI in the "settings" endpoint and first name parameter. Recommendations: For MonicaHQ version 4.0.0,...

8.8CVSS7.6AI score0.01424EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2023/05/08 12:0 a.m.13 views

CVE-2023-30789

MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the people:id/work endpoint and job and company parameter...

7.2AI score0.0067EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2023/05/08 12:0 a.m.8 views

CVE-2023-1031

MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the settings endpoint and firstname parameter...

8.7AI score0.01424EPSS
Exploits1References2
Rows per page
Query Builder