CVE-2023-49782

Collabora Online is a collaborative online office suite based on LibreOffice technology. Users of Nextcloud with Collabora Online - Built-in CODE Server app can be vulnerable to attack via proxy.php. The bug was fixed in Collabora Online - Built-in CODE Server richdocumentscode release 23.5.601...

CVE-2025-14637 itsourcecode Online Pet Shop Management System addcnp.php sql injection

A weakness has been identified in itsourcecode Online Pet Shop Management System 1.0. This vulnerability affects unknown code of the file /pet1/addcnp.php. This manipulation of the argument cnpname causes sql injection. The attack can be initiated remotely. The exploit has been made available to...

Microsoft Dynamics 365 跨站脚本漏洞

Microsoft Dynamics 365 is a suite of ERP business solutions for multinational organizations from Microsoft USA. It is used for financial management, production management and business intelligence management. A cross-site scripting vulnerability exists in Microsoft Dynamics 365 Field Service...

PT-2025-46504

Name of the Vulnerable Software and Affected Versions Microsoft Dynamics 365 Field Service online affected versions not specified Description The issue is a cross-site scripting XSS flaw due to improper neutralization of input during web page generation. This allows an authorized attacker to...

EUVD-2019-10004

Malware in sbrugna...

EUVD-2019-10002

Malware in sbrugna...

EUVD-2020-6470

Malware in sbrugna...

EUVD-2024-35306

Malicious code in bioql PyPI...

EUVD-2021-30700

Malicious code in bioql PyPI...

EUVD-2024-36569

Malicious code in bioql PyPI...

CVE-2021-32744

Collabora Online is a collaborative online office suite. In versions prior to 4.2.17-1 and version 6.4.9-5, unauthenticated attackers are able to gain access to files which are currently opened by other users in the Collabora Online editor. For successful exploitation the attacker is required to...

CVE-2019-1447

A spoofing vulnerability exists when Office Online does not validate origin in cross-origin communications handlers correctly, aka 'Microsoft Office Online Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-1445...

CVE-2025-27791 Collabora Online Vulnerable to Arbitrary File Write

Collabora Online is a collaborative online office suite based on LibreOffice technology. In versions prior to 24.04.12.4, 23.05.19, and 22.05.25, there is a path traversal flaw in handling the CheckFileInfo BaseFileName field returned from WOPI servers. This allows for a file to be written anywhe...

CVE-2024-35373

Mocodo Mocodo Online 4.2.6 and below is vulnerable to Remote Code Execution via /web/rewrite.php...

CVE-2024-37311

Collabora Online is a collaborative online office suite based on LibreOffice. In affected versions of Collabora Online, https connections from coolwsd to other hosts may incompletely verify the remote host's certificate's against the full chain of trust. This vulnerability is fixed in Collabora...

CVE-2023-37940

creationtimestamp| type| source ---|---|--- 2024-12-17 21:32:23+00:00| seen| https://infosec.exchange/users/cve/statuses/113670300799021960 2024-12-18 00:18:46+00:00| seen| https://t.me/cvedetector/13141...

CVE-2024-8798

creationtimestamp| type| source ---|---|--- 2024-12-15 23:27:13+00:00| seen| https://infosec.exchange/users/cve/statuses/113659427755343076 2024-12-16 02:17:24+00:00| seen| https://t.me/cvedetector/12955 2024-12-16 06:29:33+00:00| seen|...

UK Health Club Chain ‘Total Fitness’ Data Leak Exposes KYC and Card Data

UK-based health and fitness chain Total Fitness suffered a significant data breach leaving member photos, names, and even bank details vulnerable online. Learn how to protect yourself and what went wrong at Total Fitness...

CVE-2024-27997

creationtimestamp| type| source ---|---|--- 2024-03-19 18:26:56+00:00| seen| https://t.me/ctinow/211807 2025-02-19 21:02:51+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3likodt35nt2b...

serviciostecnicosmovil.com Improper Access Control vulnerability OBB-3810553

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...