24 matches found
EUVD-2023-43721
Malicious code in bioql PyPI...
CVE-2023-3029
A vulnerability has been found in Guangdong Pythagorean OA Office System up to 4.50.31 and classified as problematic. This vulnerability affects unknown code of the file /note/index/delete. The manipulation of the argument id leads to cross-site request forgery. The attack can be initiated...
Cross site scripting
A vulnerability has been found in Guangdong Pythagorean OA Office System up to 4.50.31 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Schedule Handler. The manipulation of the argument description leads to cross site scripting. The attac...
CVE-2023-3035 Guangdong Pythagorean OA Office System Schedule cross site scripting
A vulnerability has been found in Guangdong Pythagorean OA Office System up to 4.50.31 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Schedule Handler. The manipulation of the argument description leads to cross site scripting. The attac...
CVE-2023-3035
CVE-2023-3035 affects Guangdong Pythagorean OA Office System (Gougu OA) up to version 4.50.31. The vulnerability lies in the Schedule Handler component, where manipulating the description argument results in cross-site scripting (XSS). The issue can be exploited remotely, and the exploit has been...
CVE-2023-3029
A vulnerability has been found in Guangdong Pythagorean OA Office System up to 4.50.31 and classified as problematic. This vulnerability affects unknown code of the file /note/index/delete. The manipulation of the argument id leads to cross-site request forgery. The attack can be initiated...
Cross site request forgery (csrf)
A vulnerability has been found in Guangdong Pythagorean OA Office System up to 4.50.31 and classified as problematic. This vulnerability affects unknown code of the file /note/index/delete. The manipulation of the argument id leads to cross-site request forgery. The attack can be initiated...
CVE-2023-3029
The CVE-2023-3029 issue affects Guangdong Pythagorean OA Office System (Gougu OA) up to version 4.50.31. A CSRF vulnerability arises from unknown code in /note/index/delete where manipulating the id parameter enables cross-site request forgery. Exploitation is possible remotely and publicized. Co...
Huatian Power collaborative OA office system has information leakage vulnerability
Dalian Huatian Software Co., Ltd. is an OA software and solution provider. An information leakage vulnerability exists in Huatian Power Collaborative OA Office System, which can be exploited by attackers to obtain sensitive information...
Cybozu Garoon Input Validation Error Vulnerability (CNVD-2022-53806)
Cybozu Garoon is a portal-type OA office system from Cybozu Japan. The system provides portal, e-mail, bookmarks, scheduling, bulletin board, document management, and other functions. An input validation error vulnerability exists in Cybozu Garoon, which stems from insufficient validation of...
Cybozu Garoon Operation Limit Bypass Vulnerability (CNVD-2022-53803)
Cybozu Garoon is a portal-type OA office system from Cybozu Japan. The system provides portal, e-mail, bookmarks, scheduling, bulletin board, document management, and other functions. Cybozu Garoon suffers from an Operation Restriction Bypass vulnerability that originates from improper privilege...
Cybozu Garoon License Issue Vulnerability (CNVD-2022-54300)
Cybozu Garoon is a portal-type OA office system from Cybozu Japan. The system provides portal, e-mail, bookmarks, scheduling, bulletin board, document management, and other functions. An authorization issue vulnerability exists in Cybozu Garoon, which originates from an error in the processing of...
Cybozu Garoon Authorization Issue Vulnerability (CNVD-2022-54302)
Cybozu Garoon is a portal-type OA office system from Cybozu Japan. The system provides portal, e-mail, bookmarks, scheduling, bulletin board, document management, and other functions. Cybozu Garoon suffers from an authorization issue vulnerability that originates from improper privilege managemen...
Cybozu Garoon Bulletin Operational Restriction Bypass Vulnerability
An operational restriction bypass vulnerability exists in Bulletin in Cybozu Garoon, a portal-based OA office system of Cybozu Japan. An attacker can use this vulnerability to change the data in the bulletin without proper privileges...
Cybozu Garoon Message Cross-Site Scripting Vulnerability
A cross-site scripting vulnerability exists in Message in Cybozu Garoon, a portal-based OA office system from Cybozu Japan. An attacker can use this vulnerability to execute arbitrary scripts on a logged-in user's Web browser...
Cybozu Garoon E-mail Incorrect Input Verification Vulnerability
Cybozu Garoon is a portal type OA office system of Cybozu Japan. A security vulnerability exists in e-mail in Cybozu Garoon. The vulnerability can be exploited by an attacker to alter e-mail data without proper privileges...
Cybozu Garoon Portal Operation Restriction Bypass Vulnerability
An operational restriction bypass vulnerability exists in the Portal of Cybozu Garoon, a portal-based OA office system of Cybozu Japan. An attacker can use this vulnerability to change the data of the portal without proper privileges...
Cybozu Garoon View Restriction Bypass Vulnerability
Cybozu Garoon is a portal-based OA office system from Cybozu Japan. A view restriction bypass vulnerability exists in the Portal in Cybozu Garoon. An attacker can use this vulnerability to obtain data from the portal without viewing privileges...
Cybozu Garoon Bulletin Cross-Site Scripting Vulnerability
A cross-site scripting vulnerability exists in Bulletin in Cybozu Garoon, a portal-based OA office system from Cybozu Japan. An attacker can use this vulnerability to execute arbitrary scripts on a logged-in user's Web browser...
XML entity injection vulnerability exists in Panmicro e-cology (CNVD-2020-58448)
Panmicro e-cology is an OA office system made for large and medium-sized enterprises, supporting PC, mobile and WeChat simultaneous office and so on. An XML entity injection vulnerability exists in Panmicro e-cology. An attacker can exploit this vulnerability to obtain sensitive information...