CVE-2025-34293

GN4 Publishing System versions prior to 2.6 contain an insecure direct object reference IDOR vulnerability via the API. Authenticated requests to the API's object endpoints allow an authenticated user to request arbitrary user IDs and receive sensitive account data for those users, including the...

CVE-2025-34293 GN4 Publishing System Insecure Direct Object Reference (IDOR) Information Disclosure

GN4 Publishing System versions prior to 2.6 contain an insecure direct object reference IDOR vulnerability via the API. Authenticated requests to the API's object endpoints allow an authenticated user to request arbitrary user IDs and receive sensitive account data for those users, including the...

CVE-2025-34293 GN4 Publishing System Insecure Direct Object Reference (IDOR) Information Disclosure

GN4 Publishing System versions prior to 2.6 contain an insecure direct object reference IDOR vulnerability via the API. Authenticated requests to the API's object endpoints allow an authenticated user to request arbitrary user IDs and receive sensitive account data for those users, including the...

PT-2025-43674

Name of the Vulnerable Software and Affected Versions GN4 Publishing System versions prior to 2.6 Description GN4 Publishing System contains an insecure direct object reference IDOR vulnerability via the API. Authenticated requests to the API’s object endpoints allow an authenticated user to...

Naviga Global GN4 Publishing System 安全漏洞

Naviga Global GN4 Publishing System is a content management and publishing system from Naviga Global, USA. A security vulnerability exists in Naviga Global GN4 Publishing System versions prior to 2.6, which stems from an insecure direct object reference in the API that could lead to account...

EUVD-2002-2197

Malware in sbrugna...

EUVD-2006-5396

Malware in sbrugna...

EUVD-2002-0264

Malware in sbrugna...

EUVD-2006-1367

Malware in sbrugna...

EUVD-2025-19382

Malicious code in bioql PyPI...

IBM Engineering Lifecycle Optimization Publishing 加密问题漏洞

IBM Engineering Lifecycle Optimization Publishing is an automated document generation solution from International Business Machines IBM. IBM Engineering Lifecycle Optimization Publishing suffers from a cryptographic issue vulnerability that stems from the use of a weaker-than-expected encryption...

Dreamer CMS suffers from a directory traversal vulnerability

Dreamer CMS dreamer content publishing system is the first java development content publishing system , using the most popular springboot + thymeleaf framework to build , flexible and compact , simple configuration . Dreamer CMS has a directory traversal vulnerability that can be exploited by an...

File Upload Vulnerability in Webzine Publishing System of Beijing Magtech Technology Development Co.

Beijing Magtech Science &Techology Development Co.Ltd was founded in March 1999, is a high-tech company engaged in software development, system integration. A file upload vulnerability exists in Beijing Magtech Science &Techology Development Co. Ltd.'s webzine publishing system, which can be...

SPIP parameter improper validation vulnerability

SPIP, an Internet publishing system, is free software distributed under the General Public License GPL. prive/formulaires/configurerpreferences.php in versions of SPIP prior to 3.2.8 is vulnerable to couleur, display, display navigation, displayoutils, imessage, and spipecran parameters are...

SQL Injection Vulnerability in Air Quality System Publishing System

Zhuhai Goling Information Technology Co., Ltd. is a high-tech enterprise engaged in research and development of core technology of information network, production of professional equipment and network application service. An SQL injection vulnerability exists in the Air Quality System Publishing...

SPIP cross-site scripting vulnerability (CNVD-2019-32493)

SPIP is a Web-based content publishing system. The system is primarily used for online collaboration. A cross-site scripting vulnerability exists in SPIP versions prior to 3.1.11 and 3.2.2 prior to 3.2.5, which can be exploited by an attacker to execute client-side code...

SPIP Input Validation Error Vulnerability

SPIP is a Web-based content publishing system. The system is primarily used for online collaboration. An input validation error vulnerability exists in SPIP versions prior to 3.1.11 and 3.2.2 prior to 3.2.5, which arises from a web-based system or product that does not properly validate incoming...

SPIP 3.1.2 File Enumeration / Path Traversal Vulnerabilities

Exploit for php platform in category web applications SPIP 3.1.1/3.1.2 File Enumeration / Path Traversal CVE-2016-7982 Product Description SPIP is a publishing system for the Internet, which put importance on collaborative working, multilingual environments and ease of use. It is free software,...

SPIP 3.1.1/3.1.2 - File Enumeration / Path Traversal

SPIP 3.1.1/3.1.2 File Enumeration / Path Traversal CVE-2016-7982 Product Description SPIP is a publishing system for the Internet, which put importance on collaborative working, multilingual environments and ease of use. It is free software, distributed under the GNU/GPL licence. Vulnerability...

SPIP 3.1.2 Cross Site Request Forgery

SPIP 3.1.2 Exec Code Cross-Site Request Forgery CVE-2016-7980 Product Description SPIP is a publishing system for the Internet, which put importance on collaborative working, multilingual environments and ease of use. It is free software, distributed under the GNU/GPL licence. Vulnerability...