45 matches found
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: block: Fixed the issue of iterating over an empty bio with bioforeachfolioall. If the bio contains no data, biofirstfolio calls pagefolio using a NULL pointer, resulting in a buffer overflow error. We’ve moved the test that check...
CVE-2018-25200
OOP CMS BLOG 1.0 contains a cross-site request forgery vulnerability that allows unauthenticated attackers to create administrative user accounts by crafting malicious POST requests. Attackers can submit forms to the addUser.php endpoint with parameters including userName, password, email, and ro...
CVE-2018-25199 OOP CMS BLOG 1.0 SQL Injection via search parameter
OOP CMS BLOG 1.0 contains SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through multiple parameters. Attackers can inject SQL commands via the search parameter in search.php, pageid parameter in page.php, and id...
CVE-2018-25200
CVE-2018-25200 concerns OOP CMS BLOG 1.0 with a cross-site request forgery that lets unauthenticated attackers craft POST requests to addUser.php (parameters: userName, password, email, role) to create an administrative account. Connected sources consistently describe the flaw and its target endp...
CVE-2018-25200
OOP CMS BLOG 1.0 contains a cross-site request forgery vulnerability that allows unauthenticated attackers to create administrative user accounts by crafting malicious POST requests. Attackers can submit forms to the addUser.php endpoint with parameters including userName, password, email, and ro...
EUVD-2021-30971
Malicious code in bioql PyPI...
EUVD-2022-52344
Malicious code in bioql PyPI...
EUVD-2022-52349
Malicious code in bioql PyPI...
Malicious code in nudt-oop-soft-engi-dongwei (npm)
The package nudt-oop-soft-engi-dongwei was found to contain malicious code...
MAL-2025-45374 Malicious code in nudt-oop-soft-engi-dongwei (npm)
The package nudt-oop-soft-engi-dongwei was found to contain malicious code...
Malicious code in tahasiraj-ts-2004-oop-project-10 (npm)
The package tahasiraj-ts-2004-oop-project-10 was found to contain malicious code...
MAL-2025-34385 Malicious code in tahasiraj-ts-2004-oop-project-10 (npm)
The package tahasiraj-ts-2004-oop-project-10 was found to contain malicious code...
CVE-2022-43117
Sourcecodester Password Storage Application in PHP/OOP and MySQL 1.0 was discovered to contain multiple cross-site scripting XSS vulnerabilities via the Name, Username, Description and Site Feature parameters...
CVE-2022-30459
ChatBot App with Suggestion in PHP/OOP v1.0 is vulnerable to SQL Injection via /simplechatbot/classes/Master.php?f=deleteresponse, id...
CVE-2022-30464
ChatBot App with Suggestion in PHP/OOP v1.0 is vulnerable to Cross Site Scripting XSS via /simplechatbot/classes/Master.php?f=saveresponse...
PDF Generator Web Application 1.0 Insecure Settings
==================================================================================================================================== | Title : PDF Generator Web Application v1.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...
CVE-2022-43117
CVE-2022-43117 affects Sourcecodester Password Storage Application (PHP/OOP, MySQL) v1.0. The issue is multiple cross-site scripting (XSS) vulnerabilities exploitable via the Name, Username, Description and Site Feature parameters. The PT-2022-26759 entry elaborates the affected version and vulne...
CVE-2022-43117
Sourcecodester Password Storage Application in PHP/OOP and MySQL 1.0 was discovered to contain multiple cross-site scripting XSS vulnerabilities via the Name, Username, Description and Site Feature parameters...
CVE-2022-30459
ChatBot App with Suggestion in PHP/OOP v1.0 is vulnerable to SQL Injection via /simplechatbot/classes/Master.php?f=deleteresponse, id...
Sql injection
ChatBot App with Suggestion in PHP/OOP v1.0 is vulnerable to SQL Injection via /simplechatbot/classes/Master.php?f=deleteresponse, id...