1982 matches found
EUVD-2024-27363
Malicious code in bioql PyPI...
EUVD-2025-4826
Malicious code in bioql PyPI...
EUVD-2024-2159
Malicious code in bioql PyPI...
EUVD-2025-16060
Malicious code in bioql PyPI...
EUVD-2025-14226
Malicious code in bioql PyPI...
EUVD-2022-4273
Malicious code in bioql PyPI...
EUVD-2022-5075
Malicious code in bioql PyPI...
EUVD-2025-10733
Malicious code in bioql PyPI...
EUVD-2022-5689
Malicious code in bioql PyPI...
EUVD-2023-39803
Malicious code in bioql PyPI...
EUVD-2022-0732
Malicious code in bioql PyPI...
CVE-2025-7721
CVE-2025-7721 concerns the WordPress plugin JoomSport – for Sports: Team & League, Football, Hockey & more (versions ≤ 5.7.3). It is a Unauthenticated Local File Inclusion via the task parameter, allowing an attacker to include/execute arbitrary PHP files on the server (potential code execution, ...
CVE-2025-9991
CVE-2025-9991 – The Tiny Bootstrap Elements Light plugin for WordPress is vulnerable to an unauthenticated Local File Inclusion via the language parameter in versions up to and including 4.3.34. The issue allows an attacker to include and execute arbitrary PHP files on the server, potentially byp...
WordPress plugin Tiny Bootstrap Elements Light 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...
WordPress plugin Bei Fen 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. The ordPress Bei Fen plugin has a file inclusion vulnerability that stems from not doing effective filtering of local file resource calls, which can be exploited by an attacker ...
CVE-2025-10380
The Advanced Views – Display Posts, Custom Fields, and More plugin for WordPress is vulnerable to Server-Side Template Injection in all versions up to, and including, 3.7.19. This is due to insufficient input sanitization and lack of access control when processing custom Twig templates in the Mod...
CVE-2009-20006
osCommerce versions up to and including 2.2 RC2a contain a vulnerability in its administrative file manager utility admin/filemanager.php. The interface allows file uploads and edits without sufficient input validation or access control. An unauthenticated attacker can craft a POST request to...
CVE-2009-20006 osCommerce <= 2.2 Admin File Manager Arbitrary PHP Code Execution
osCommerce versions up to and including 2.2 RC2a contain a vulnerability in its administrative file manager utility admin/filemanager.php. The interface allows file uploads and edits without sufficient input validation or access control. An unauthenticated attacker can craft a POST request to...
CVE-2025-10269
CVE-2025-10269 concerns the Spirit Framework WordPress plugin (
CVE-2025-8417
The Catalog Importer, Scraper & Crawler plugin for WordPress is vulnerable to PHP code injection in all versions up to, and including, 5.1.4. This is due to reliance on a guessable numeric token e.g. ?key= 900001705 without proper authentication, combined with the unsafe use of eval on...