29 matches found
EUVD-2022-44100
Malicious code in bioql PyPI...
EUVD-2022-44098
Malicious code in bioql PyPI...
EUVD-2022-44099
Malicious code in bioql PyPI...
EUVD-2022-44097
Malicious code in bioql PyPI...
CVE-2022-40840
ndk design NdkAdvancedCustomizationFields 3.5.0 is vulnerable to Cross Site Scripting XSS via createPdf.php...
CVE-2022-40841
A cross-site scripting XSS vulnerability in NdkAdvancedCustomizationFields v3.5.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payloads injected into the "htmlNodes" parameter...
Cross site scripting
A cross-site scripting XSS vulnerability in NdkAdvancedCustomizationFields v3.5.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payloads injected into the "htmlNodes" parameter...
CVE-2022-40841
A cross-site scripting XSS vulnerability in NdkAdvancedCustomizationFields v3.5.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payloads injected into the "htmlNodes" parameter...
CVE-2022-40841
CVE-2022-40841 describes a cross-site scripting (XSS) vulnerability in NdkAdvancedCustomizationFields v3.5.0. The issue arises from crafting payloads injected into the htmlNodes parameter, allowing attackers to execute arbitrary web scripts or HTML in victims’ browsers. CVSS v3.1 base score is 6....
NdkAdvancedCustomizationFields 跨站脚本漏洞
NdkAdvancedCustomizationFields is an advanced customization field from Ndk. A security vulnerability exists in NdkAdvancedCustomizationFields version v3.5.0, which originates from Cross-Site Scripting XSS and allows attackers to execute arbitrary web script or HTML via a crafted payload injected...
CVE-2022-40841
A cross-site scripting XSS vulnerability in NdkAdvancedCustomizationFields v3.5.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payloads injected into the "htmlNodes" parameter...
NdkAdvancedCustomizationFields Server-Side Request Forgery Vulnerability
NdkAdvancedCustomizationFields is an advanced customization field from Ndk. A server-side request forgery vulnerability exists in NdkAdvancedCustomizationFields 3.5.0 and prior versions, which stems from rotateimg.php failing to properly validate user input. An attacker could use this vulnerabili...
CVE-2022-40842
ndk design NdkAdvancedCustomizationFields 3.5.0 is vulnerable to Server-side request forgery SSRF via rotateimg.php...
Server side request forgery (ssrf)
ndk design NdkAdvancedCustomizationFields 3.5.0 is vulnerable to Server-side request forgery SSRF via rotateimg.php...
CVE-2022-40842
CVE-2022-40842 affects ndk design NdkAdvancedCustomizationFields 3.5.0 and is a Server-Side Request Forgery (SSRF) issue exposed via rotateimg.php. The CVSS v3.1 base score is 9.1 (CRITICAL) with network attack vector, no user interaction, and no privileges required; impact is confidentiality and...
CVE-2022-40842
ndk design NdkAdvancedCustomizationFields 3.5.0 is vulnerable to Server-side request forgery SSRF via rotateimg.php...
CVE-2022-40842
ndk design NdkAdvancedCustomizationFields 3.5.0 is vulnerable to Server-side request forgery SSRF via rotateimg.php...
CVE-2022-40840
ndk design NdkAdvancedCustomizationFields 3.5.0 is vulnerable to Cross Site Scripting XSS via createPdf.php...
Cross site scripting
ndk design NdkAdvancedCustomizationFields 3.5.0 is vulnerable to Cross Site Scripting XSS via createPdf.php...
CVE-2022-40840
ndk design NdkAdvancedCustomizationFields 3.5.0 is vulnerable to Cross Site Scripting XSS via createPdf.php...