5 matches found
EUVD-2025-23241
Malicious code in bioql PyPI...
CVE-2025-36563
CVE-2025-36563 is a reflected cross-site scripting vulnerability affecting PowerCMS in multiple versions. Exploitation requires a user (administrator or general user per vector) to access a crafted URL, allowing arbitrary script execution in the browser. CVSS metrics specify MEDIUM severity (olde...
CVE-2021-35283
SQL Injection vulnerability in productadmin.php in atoms183 CMS 1.0, allows attackers to execute arbitrary commands via the Name, Fname, and ID parameters to search.php...
CVE-2008-5400
Multiple cross-site request forgery CSRF vulnerabilities in mvnForum before 1.2.1 GA allow remote attackers to 1 create forums, 2 change account privileges, 3 enable accounts, or 4 disable accounts as a product administrator via unspecified vectors, possibly related to HTTP Referer headers...
PT-2008-6517 · Mvnforum · Mvnforum
Name of the Vulnerable Software and Affected Versions: mvnForum versions prior to 1.2.1 GA Description: The issue allows remote attackers to perform various actions as a product administrator, including creating forums, changing account privileges, enabling accounts, or disabling accounts. This i...