476 matches found
EUVD-2023-33808
Malicious code in bioql PyPI...
EUVD-2025-27989
Malicious code in bioql PyPI...
EUVD-2023-56748
Malicious code in bioql PyPI...
EUVD-2023-32309
Malicious code in bioql PyPI...
EUVD-2022-24853
Malicious code in bioql PyPI...
EUVD-2025-25210
Malicious code in bioql PyPI...
EUVD-2023-2876
Malicious code in bioql PyPI...
EUVD-2023-42841
Malicious code in bioql PyPI...
EUVD-2023-32434
Malicious code in bioql PyPI...
PT-2025-40295
Name of the Vulnerable Software and Affected Versions Dolibarr ERP & CRM version 21.0.1 Description The software contains a remote code execution RCE issue within the User module configuration. This is due to a flaw in the computed field parameter. Recommendations At the moment, there is no...
CVE-2025-11037
A security flaw has been discovered in code-projects E-Commerce Website 1.0. This impacts an unknown function of the file /pages/adminindexsearch.php. Performing manipulation of the argument Search results in sql injection. The attack may be initiated remotely. The exploit has been released to th...
PT-2025-39102
Name of the Vulnerable Software and Affected Versions Campcodes Computer Sales and Inventory System version 1.0 Description A SQL injection issue exists due to the manipulation of the prodcode argument. This impacts an unknown function within the /pages/pro edit1.php file. The attack can be carri...
CVE-2025-43810
Insecure Direct Object Reference IDOR vulnerability with commerce order notes in Liferay Portal 7.3.5 through 7.4.3.112, and Liferay DXP 2023.Q4.0 through 2023.Q4.8, 2023.Q3.1 through 2023.Q3.10, and 7.4 GA through update 92 allows remote authenticated users to from one virtual instance to add a...
CVE-2025-43810
CVE-2025-43810 affects Liferay Portal and Liferay DXP, where an insecure direct object reference via the parameter _com_liferay_commerce_order_web_internal_portlet_CommerceOrderPortlet_commerceOrderId allows a remote authenticated user to add a note to an order in a different virtual instance. Af...
CVE-2025-41061
A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'dataAddonlayouts' and 'dataAddonlayoutsexcept' parameters in /apprain/developer/addons/update/uploadify...
PT-2025-36227
Name of the Vulnerable Software and Affected Versions: ScienceLogic SL1 versions prior to 12.1.1 Description: ScienceLogic SL1 before version 12.1.1 contains a SQL injection flaw. The flaw is located in index.em7 and occurs through a parameter within a request. Recommendations: Upgrade to...
CVE-2025-41033 SQL injection vulnerability in appRain CMF
An SQL injection vulnerability has been found in appRain CMF 4.0.5. This vulnerability allows an attacker to retrieve, create, update, and delete the database, through the 'data%5BPage%5D%5Bname%5D' parameter in /apprain/page/manage-dynamic-pages/create...
Simple Grading System add_student_grade.php File SQL Injection Vulnerability
Simple Grading System is a simple grading system. Simple Grading System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Add in the file /addstudentgrade.php. An attacker can exploit this vulnerability to...
PT-2025-34823
Name of the Vulnerable Software and Affected Versions: Campcodes Online Loan Management System version 1.0 Description: A security issue has been identified in Campcodes Online Loan Management System 1.0. The manipulation of the lastname argument in an unknown function of the file...
CVE-2025-9434
A vulnerability was determined in 1000projects Online Project Report Submission and Evaluation System 1.0. This affects an unknown function of the file /admin/edittitle.php?id=1. Executing manipulation of the argument desc can lead to cross site scripting. The attack may be launched remotely. The...