6 matches found
EUVD-2025-31576
Malicious code in bioql PyPI...
CVE-2025-57516
OS command injection vulnerability in PublicCMS PublicCMS-V5.202506.a and PublicCMS-V5.202506.b, allowing attackers to execute arbitrary commands via crafted DATABASE, USERNAME, or PASSWORD variables to the backupDB.bat file...
PT-2025-12986 · Devolutions · Devolutions Remote Desktop Manager
Name of the Vulnerable Software and Affected Versions:
Devolutions Remote Desktop Manager versions 2024.3.29 and earlier
Devolutions Remote Desktop Manager versions 2025.1.24 through 2025.1.25
Description: The issue is related to improper authorization in the variable component, allowing an...
PT-2023-24354 · Unknown · Remote Clinic
Name of the Vulnerable Software and Affected Versions: RemoteClinic version 2.0
Description: The issue is a SQL injection vulnerability located in the /staff/edit.php file. This vulnerability can be exploited through the username and password variables.
Recommendations: For RemoteClinic version...
CVE-2023-25104
Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...
PT-2007-1254 · Centipaid · Centipaid
Name of the Vulnerable Software and Affected Versions: CentiPaid version 1.4.3
Description: The issue allows remote attackers to execute arbitrary code via a URL in the class pwd parameter in the centipaid class.php file. However, it has been disputed by multiple parties, who claim that the $clas...