EUVD-2024-3285

Malicious code in bioql PyPI...

EUVD-2024-2160

Malicious code in bioql PyPI...

EUVD-2022-1370

Malicious code in bioql PyPI...

EUVD-2024-2165

Malicious code in bioql PyPI...

EUVD-2023-1576

Malicious code in bioql PyPI...

EUVD-2023-2904

Malicious code in bioql PyPI...

EUVD-2022-1584

Malicious code in bioql PyPI...

EUVD-2023-44778

Malicious code in bioql PyPI...

CVE-2025-54418 CodeIgniter4's ImageMagick Handler has Command Injection Vulnerability

CodeIgniter is a PHP full-stack web framework. A command injection vulnerability present in versions prior to 4.6.2 affects applications that use the ImageMagick handler for image processing imagick as the image library and either allow file uploads with user-controlled filenames and process...

CVE-2021-32648

octobercms in a CMS platform based on the Laravel PHP Framework. In affected versions of the october/system package an attacker can request an account password reset and then gain access to the account using a specially crafted request. The issue has been patched in Build 472 and v1.1.5...

CVE-2021-32650

October CMS is a self-hosted content management system CMS platform based on the Laravel PHP Framework. Prior to versions 1.0.473 and 1.1.6, an attacker with access to the backend is able to execute PHP code by using the theme import feature. This will bypass the safe mode feature that prevents P...

CVE-2021-29487

octobercms in a CMS platform based on the Laravel PHP Framework. In affected versions of the october/system package an attacker can exploit this vulnerability to bypass authentication and takeover of and user account on an October CMS server. The vulnerability is exploitable by unauthenticated...

Adianti Framework 安全漏洞

Adianti Framework is a framework for developing PHP applications from Adianti. A security vulnerability exists in Adianti Framework 8.0 and prior versions that stems from a deserialization issue that could lead to remote code execution...

CVE-2025-32027

Yii is an open source PHP web framework. Prior to 1.1.31, yiisoft/yii is vulnerable to Reflected XSS in specific scenarios where the fallback error renderer is used. Upgrade yiisoft/yii to version 1.1.31 or higher...

CVE-2025-30148

CVE-2025-30148 affects Silverstripe Framework (PHP) prior to 5.3.23. An attacker with CMS edit access could deliver an encoded payload that results in a JavaScript payload on the front end due to insufficient server-side sanitization; a fix is available in 5.3.23. The documents do not provide exp...

CVE-2025-30148 Silverstripe Framework has a XSS vulnerability in HTML editor

Silverstripe Framework is a PHP framework which powers the Silverstripe CMS. Prior to 5.3.23, bad actor with access to edit content in the CMS could send a specifically crafted encoded payload to the server, which could be used to inject a JavaScript payload on the front end of the site. The...

Yii 安全漏洞

Yii is a component-based, high-performance PHP framework for developing large-scale web applications developed by the YII team. A security vulnerability exists in Yii 2 versions prior to 2.0.52, which stems from improper handling of behavior attachments...

Linux Distros Unpatched Vulnerability : CVE-2024-50340

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - symfony/runtime is a module for the Symphony PHP framework which enables decoupling PHP applications from global state. When the registerargvargc php directive ...

Linux Distros Unpatched Vulnerability : CVE-2024-51996

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Symphony process is a module for the Symphony PHP framework which executes commands in sub-processes. When consuming a persisted remember-me cookie, Symfony doe...

CVE-2022-21705

Octobercms is a self-hosted CMS platform based on the Laravel PHP Framework. In affected versions user input was not properly sanitized before rendering. An authenticated user with the permissions to create, modify and delete website pages can exploit this vulnerability to bypass cms.safemode /...