72 matches found
PT-2025-40790
Name of the Vulnerable Software and Affected Versions Frappe LMS version 2.35.0 Description A flaw exists in Frappe LMS 2.35.0 within the Assignment Picture Handler component, specifically related to the /files/ file. This issue allows for a remote direct request manipulation, with a high...
EUVD-2025-30365
Malicious code in bioql PyPI...
EUVD-2023-44429
Malicious code in bioql PyPI...
EUVD-2023-33583
Malicious code in bioql PyPI...
EUVD-2024-15993
Malicious code in bioql PyPI...
EUVD-2023-43868
Malicious code in bioql PyPI...
EUVD-2023-58078
Malicious code in bioql PyPI...
EUVD-2024-50700
Malicious code in bioql PyPI...
EUVD-2025-12333
Malicious code in bioql PyPI...
EUVD-2023-43950
Malicious code in bioql PyPI...
CVE-2025-10763
A vulnerability was determined in academico-sis academico up to d9a9e2636fbf7e5845ee086bcb03ca62faceb6ab. Affected by this issue is some unknown functionality of the file /edit-photo of the component Profile Picture Handler. This manipulation causes unrestricted upload. The attack is possible to ...
CVE-2025-10741
A security vulnerability has been detected in Selleo Mentingo up to 2025.08.27. The affected element is an unknown function of the component Profile Picture Handler. The manipulation of the argument userAvatar leads to unrestricted upload. The attack is possible to be carried out remotely. The...
CVE-2025-10763
A vulnerability was determined in academico-sis academico up to d9a9e2636fbf7e5845ee086bcb03ca62faceb6ab. Affected by this issue is some unknown functionality of the file /edit-photo of the component Profile Picture Handler. This manipulation causes unrestricted upload. The attack is possible to ...
CVE-2025-10763 academico-sis academico Profile Picture edit-photo unrestricted upload
A vulnerability was determined in academico-sis academico up to d9a9e2636fbf7e5845ee086bcb03ca62faceb6ab. Affected by this issue is some unknown functionality of the file /edit-photo of the component Profile Picture Handler. This manipulation causes unrestricted upload. The attack is possible to ...
CVE-2025-10763
CVE-2025-10763 affects Academico-sis (Profile Picture Handler, /edit-photo). Multiple connected documents confirm an unrestricted upload vulnerability in that endpoint, enabling remote abuse due to missing upload restrictions. The issue is tied to the Profile Picture Handler component and is expl...
PT-2025-38658
Name of the Vulnerable Software and Affected Versions academico-sis versions prior to d9a9e2636fbf7e5845ee086bcb03ca62faceb6ab Description A vulnerability exists in academico-sis related to the Profile Picture Handler component. The issue involves unrestricted upload via the /edit-photo file. Thi...
CVE-2025-10741
A security vulnerability has been detected in Selleo Mentingo up to 2025.08.27. The affected element is an unknown function of the component Profile Picture Handler. The manipulation of the argument userAvatar leads to unrestricted upload. The attack is possible to be carried out remotely. The...
CVE-2025-10741
CVE-2025-10741 affects Selleo Mentingo’s Profile Picture Handler. The root cause is manipulation of the userAvatar argument, enabling unrestricted file uploads in versions up to 2025.08.27 (before 2025.08.28). Exploitation is possible remotely and the exploit has been publicly disclosed, with PoC...
Selleo Mentingo 代码问题漏洞
Selleo Mentingo is an in-house training and employee development platform from the Polish company Selleo. A code issue vulnerability exists in Selleo Mentingo version 2025.08.27 and earlier, which stems from insufficient validation of the parameter userAvatar in the Profile Picture Handler...
PT-2025-38637
Name of the Vulnerable Software and Affected Versions Selleo Mentingo versions prior to 2025.08.28 Description A security issue has been identified in Selleo Mentingo. The vulnerability resides in an unknown function within the Profile Picture Handler component. Manipulation of the userAvatar...