7 matches found
EUVD-2022-51499
Malicious code in bioql PyPI...
CVE-2022-4136
Dangerous method exposed which can lead to RCE in qmpass/leadshop v1.4.15 allows an attacker to control the target host by calling any function in leadshop.php via the GET method...
CVE-2022-4136
Dangerous method exposed which can lead to RCE in qmpass/leadshop v1.4.15 allows an attacker to control the target host by calling any function in leadshop.php via the GET method...
Security feature bypass
Dangerous method exposed which can lead to RCE in qmpass/leadshop v1.4.15 allows an attacker to control the target host by calling any function in leadshop.php via the GET method...
CVE-2022-4136 Exposed Dangerous Method or Function in qmpaas/leadshop
Dangerous method exposed which can lead to RCE in qmpass/leadshop v1.4.15 allows an attacker to control the target host by calling any function in leadshop.php via the GET method...
PT-2022-25826 · Unknown · Qmpass/Leadshop
Name of the Vulnerable Software and Affected Versions: qmpass/leadshop version 1.4.15 Description: The issue allows an attacker to control the target host by calling any function in leadshop.php via the GET method, potentially leading to remote code execution RCE. This can enable an attacker to...
CVE-2022-4136
CVE-2022-4136 affects qmpass/leadshop v1.4.15. The vulnerability arises from leadshop.php using call_user_func_array with GET-supplied include, data, and meta, enabling an attacker to invoke arbitrary functions (e.g., HttpGet, ToMkdir, UpdateSql, DownloadFile, RemoveDir) and potentially execute c...