5 matches found
EUVD-2022-51759
Malicious code in bioql PyPI...
CVE-2025-8748
MiR software versions prior to version 3.0.0 are affected by a command injection vulnerability. A malicious HTTP request crafted by an authenticated user could allow the execution of arbitrary commands on the underlying operating system...
PT-2022-27763 · Unknown · Drag/Drop Xblock
Name of the Vulnerable Software and Affected Versions: Drag and Drop XBlock v2 versions prior to 3.0.0 Description: The issue affects the Drag and Drop XBlock v2, which implements a drag-and-drop style problem. It is vulnerable to cross-site scripting in multiple XBlock Fields. Any platform that...
PT-2022-22276 · Softwarex · Softwarex
Name of the Vulnerable Software and Affected Versions: SoftwareX versions prior to 3.0.0 Description: The issue arises when users add resources to the resource center with a relation path, causing path traversal issues. This problem affects only logged-in users. Recommendations: For versions prio...
CVE-2021-41245
Combodo iTop is a web based IT Service Management tool. In versions prior to 2.7.6 and 3.0.0, CSRF tokens generated by privUITransactionFile aren't properly checked. Versions 2.7.6 and 3.0.0 contain a patch for this issue. As a workaround, use the session implementation by adding in the iTop conf...