20 matches found
EUVD-2023-43721
Malicious code in bioql PyPI...
EUVD-2023-43727
Malicious code in bioql PyPI...
EUVD-2022-29597
Malicious code in bioql PyPI...
CVE-2023-3029
A vulnerability has been found in Guangdong Pythagorean OA Office System up to 4.50.31 and classified as problematic. This vulnerability affects unknown code of the file /note/index/delete. The manipulation of the argument id leads to cross-site request forgery. The attack can be initiated...
CVE-2023-3035
A vulnerability has been found in Guangdong Pythagorean OA Office System up to 4.50.31 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Schedule Handler. The manipulation of the argument description leads to cross site scripting. The attac...
CVE-2022-24781
Geon is a board game based on solving questions about the Pythagorean Theorem. Malicious users can obtain the uuid from other users, spoof that uuid through the browser console and become co-owners of the target session. This issue is patched in version 1.1.0. No known workaround exists...
Cross site scripting
A vulnerability has been found in Guangdong Pythagorean OA Office System up to 4.50.31 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Schedule Handler. The manipulation of the argument description leads to cross site scripting. The attac...
CVE-2023-3035
CVE-2023-3035 affects Guangdong Pythagorean OA Office System (Gougu OA) up to version 4.50.31. The vulnerability lies in the Schedule Handler component, where manipulating the description argument results in cross-site scripting (XSS). The issue can be exploited remotely, and the exploit has been...
CVE-2023-3035 Guangdong Pythagorean OA Office System Schedule cross site scripting
A vulnerability has been found in Guangdong Pythagorean OA Office System up to 4.50.31 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Schedule Handler. The manipulation of the argument description leads to cross site scripting. The attac...
CVE-2023-3029
A vulnerability has been found in Guangdong Pythagorean OA Office System up to 4.50.31 and classified as problematic. This vulnerability affects unknown code of the file /note/index/delete. The manipulation of the argument id leads to cross-site request forgery. The attack can be initiated...
Cross site request forgery (csrf)
A vulnerability has been found in Guangdong Pythagorean OA Office System up to 4.50.31 and classified as problematic. This vulnerability affects unknown code of the file /note/index/delete. The manipulation of the argument id leads to cross-site request forgery. The attack can be initiated...
CVE-2023-3029
The CVE-2023-3029 issue affects Guangdong Pythagorean OA Office System (Gougu OA) up to version 4.50.31. A CSRF vulnerability arises from unknown code in /note/index/delete where manipulating the id parameter enables cross-site request forgery. Exploitation is possible remotely and publicized. Co...
CVE-2023-3029 Guangdong Pythagorean OA Office System delete cross-site request forgery
A vulnerability has been found in Guangdong Pythagorean OA Office System up to 4.50.31 and classified as problematic. This vulnerability affects unknown code of the file /note/index/delete. The manipulation of the argument id leads to cross-site request forgery. The attack can be initiated...
CVE-2023-3029 Guangdong Pythagorean OA Office System delete cross-site request forgery
A vulnerability has been found in Guangdong Pythagorean OA Office System up to 4.50.31 and classified as problematic. This vulnerability affects unknown code of the file /note/index/delete. The manipulation of the argument id leads to cross-site request forgery. The attack can be initiated...
Guangdong Pythagorean OA Office System 跨站脚本漏洞
Guangdong Pythagorean OA Office System Gougu OA is a practical enterprise office system open source China Gouguopen gouguopen. A cross-site scripting vulnerability exists in Guangdong Pythagorean OA Office System versions prior to 4.50.31. The vulnerability stems from an unknown function in the...
CVE-2022-24781
Geon is a board game based on solving questions about the Pythagorean Theorem. Malicious users can obtain the uuid from other users, spoof that uuid through the browser console and become co-owners of the target session. This issue is patched in version 1.1.0. No known workaround exists...
Code injection
Geon is a board game based on solving questions about the Pythagorean Theorem. Malicious users can obtain the uuid from other users, spoof that uuid through the browser console and become co-owners of the target session. This issue is patched in version 1.1.0. No known workaround exists...
CVE-2022-24781 Malicious users can take over the session of other players
Geon is a board game based on solving questions about the Pythagorean Theorem. Malicious users can obtain the uuid from other users, spoof that uuid through the browser console and become co-owners of the target session. This issue is patched in version 1.1.0. No known workaround exists...
CVE-2022-24781
Geon (board game) is affected by an authorization issue where malicious users can obtain another user’s uuid, spoof it in the browser console, and take co-ownership of a target session. The root cause is an insecure handling of session ownership tied to UUIDs, enabling session takeover without au...
CVE-2022-24781 Malicious users can take over the session of other players
Geon is a board game based on solving questions about the Pythagorean Theorem. Malicious users can obtain the uuid from other users, spoof that uuid through the browser console and become co-owners of the target session. This issue is patched in version 1.1.0. No known workaround exists...