48 matches found
EUVD-2019-5555
Malware in sbrugna...
EUVD-2023-56988
Malicious code in bioql PyPI...
EUVD-2025-25498
Malicious code in bioql PyPI...
EUVD-2021-7481
Malicious code in bioql PyPI...
CVE-2025-41452 Post auth nginx configuration injection in Danfoss AK-SM8xxA Series
Post-authenticated external control of system web interface configuration setting vulnerability in Danfoss AK-SM8xxA Series prior to 4.3.1, which could allow for a denial of service attack induced by improper handling of exceptional conditions...
PT-2025-33094 · Unknown · Dolibarr Erp/Crm
Name of the Vulnerable Software and Affected Versions: Dolibarr ERP/CRM versions prior to 3.1.1 Dolibarr ERP/CRM versions prior to 3.2.0 Description: Dolibarr ERP/CRM contains a post-authenticated operating system command injection issue in its database backup feature. The export.php script does...
CVE-2021-20023
SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to read an arbitrary file on the remote host...
CVE-2020-17458
A post-authenticated stored XSS was found in MultiUx v.3.1.12.0 via the /multiux/SaveMailbox LastName field...
📄 Smart Manager 8.27.0 SQL Injection
Smart Manager version 8.27.0 suffers from a remote SQL injection vulnerability. Exploit Title: Smart Manager 8.27.0 - Post-Authenticated SQL Injection Date: 2024-01-18 Exploit Author: Ivan Spiridonov - xbz0n Vendor Homepage: https://www.storeapps.org/ Software Link:...
CVE-2024-27145 Multiple Post-authenticated Remote Code Execution
The Toshiba printers provide several ways to upload files using the admin web interface. An attacker can remotely compromise any Toshiba printer. An attacker can overwrite any insecure files. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute...
Exploit for SQL Injection in Vanquish Woocommerce_Customers_Manager
CVE-2024-0399 - WooCommerce Customers Manager 29.4 - Post-Auth...
Exploit for SQL Injection in Weblizar School_Management
The School Management 10.3.4 - Post-Authenticated SQL Injectio...
CVE-2023-52331
A post-authenticated server-side request forgery SSRF vulnerability in Trend Micro Apex Central could allow an attacker to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to...
CVE-2023-38625
A post-authenticated server-side request forgery SSRF vulnerability in Trend Micro Apex Central 2019 lower than build 6481 could allow an attacker to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute low-privileged code on the...
Server side request forgery (ssrf)
A post-authenticated server-side request forgery SSRF vulnerability in Trend Micro Apex Central 2019 lower than build 6481 could allow an attacker to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute low-privileged code on the...
Server side request forgery (ssrf)
A post-authenticated server-side request forgery SSRF vulnerability in Trend Micro Apex Central 2019 lower than build 6481 could allow an attacker to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute low-privileged code on the...
CVE-2023-52331
A post-authenticated server-side request forgery SSRF vulnerability in Trend Micro Apex Central could allow an attacker to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to...
CVE-2023-52331
The CVE-2023-52331 issue is a post-authenticated SSRF vulnerability in Trend Micro Apex Central. Affected software/function: Apex Central; attacker must first execute low-privilege code on the target. Impact: can interact with internal or local services directly; potential information disclosure ...
CVE-2023-38626
A post-authenticated server-side request forgery SSRF vulnerability in Trend Micro Apex Central 2019 lower than build 6481 could allow an attacker to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute low-privileged code on the...
CVE-2023-38625
A post-authenticated server-side request forgery SSRF vulnerability in Trend Micro Apex Central 2019 lower than build 6481 could allow an attacker to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute low-privileged code on the...