104 matches found
CVE-2019-7357
Subrion CMS 4.2.1 has CSRF in panel/modules/plugins/. The attacker can remotely activate/deactivate the plugins...
EUVD-2025-198787
Malicious code in @kvytech/medusa-plugin-management npm...
Malicious code in @kvytech/medusa-plugin-management (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3db2ba6d2369e5b53d1dfd5a6c8642c90217140b644f1349b42ec9d3e58fdb04 The package @kvytech/medusa-plugin-management was found to contain malicious code. Source: ghsa-malware...
MAL-2025-190745 Malicious code in @kvytech/medusa-plugin-management (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3db2ba6d2369e5b53d1dfd5a6c8642c90217140b644f1349b42ec9d3e58fdb04 The package @kvytech/medusa-plugin-management was found to contain malicious code. Source: ghsa-malware...
CVE-2025-64114
ClipBucket v5 is an open source video sharing platform. Versions 5.5.2 - 151 and below allow authenticated administrators with plugin management privileges to execute arbitrary SQL commands against the database through its ClipBucket Custom Fields plugin. The vulnerabilities require the Custom...
EUVD-2025-37959
ClipBucket v5 is an open source video sharing platform. Versions 5.5.2 - 151 and below allow authenticated administrators with plugin management privileges to execute arbitrary SQL commands against the database through its ClipBucket Custom Fields plugin. The vulnerabilities require the Custom...
CVE-2025-10038 Binary MLM Plan <= 3.0 - Unauthenticated Limited Privilege Escalation
The Binary MLM Plan plugin for WordPress is vulnerable to limited Privilege Escalation in all versions up to, and including, 3.0. This is due to bmpuser role granting all users with the managebmp capability by default upon registration through the plugin's form. This makes it possible for...
EUVD-2010-3301
Malware in sbrugna...
EUVD-2021-21463
Malware in sbrugna...
EUVD-2024-45358
Malicious code in bioql PyPI...
EUVD-2024-46063
Malicious code in bioql PyPI...
EUVD-2024-46064
Malicious code in bioql PyPI...
EUVD-2025-6812
Malicious code in bioql PyPI...
EUVD-2022-29549
Malicious code in bioql PyPI...
CVE-2025-28386
A remote code execution (RCE) vulnerability in the Plugin Management component of OpenC3 COSMOS v6.0.0 allows attackers to execute arbitrary code via uploading a crafted .txt file...
PYSEC-2025-149
A remote code execution (RCE) vulnerability in the Plugin Management component of OpenC3 COSMOS v6.0.0 allows attackers to execute arbitrary code via uploading a crafted .txt file...