17 matches found
EUVD-2019-8023
Malware in sbrugna...
EUVD-2025-24048
Malicious code in bioql PyPI...
CVE-2025-8752
A vulnerability was found in wangzhixuan spring-shiro-training up to 94812c1fd8f7fe796c931f4984ff1aa0671ab562. It has been declared as critical. This vulnerability affects unknown code of the file /role/add. The manipulation leads to command injection. The attack can be initiated remotely. The...
CVE-2025-8752
A vulnerability was found in wangzhixuan spring-shiro-training up to 94812c1fd8f7fe796c931f4984ff1aa0671ab562. It has been declared as critical. This vulnerability affects unknown code of the file /role/add. The manipulation leads to command injection. The attack can be initiated remotely. The...
CVE-2025-8752 wangzhixuan spring-shiro-training add command injection
A vulnerability was found in wangzhixuan spring-shiro-training up to 94812c1fd8f7fe796c931f4984ff1aa0671ab562. It has been declared as critical. This vulnerability affects unknown code of the file /role/add. The manipulation leads to command injection. The attack can be initiated remotely. The...
CVE-2025-8752 wangzhixuan spring-shiro-training add command injection
A vulnerability was found in wangzhixuan spring-shiro-training up to 94812c1fd8f7fe796c931f4984ff1aa0671ab562. It has been declared as critical. This vulnerability affects unknown code of the file /role/add. The manipulation leads to command injection. The attack can be initiated remotely. The...
CVE-2025-8752
The CVE-2025-8752 entry concerns the wangzhixuan spring-shiro-training project (up to commit 94812c1fd8f7fe796c931f4984ff1aa0671ab562). The vulnerability is in the /role/add code path and is due to a command injection vulnerability. It is exploitable remotely and has been publicly disclosed. The ...
wangzhixuan spring-shiro-training 注入漏洞
wangzhixuan spring-shiro-training is a learning system from the Chinese company wangzhixuan. An injection vulnerability exists in wangzhixuan spring-shiro-training, which stems from a command injection issue in file /role/add...
PT-2025-32435 · Wangzhixuan · Spring-Shiro-Training
Name of the Vulnerable Software and Affected Versions: wangzhixuan spring-shiro-training up to 94812c1fd8f7fe796c931f4984ff1aa0671ab562 Description: A critical issue exists in wangzhixuan spring-shiro-training. The vulnerability is due to command injection in the /role/add file. This allows for...
CVE-2019-18223
ZOOM International Call Recording 6.3.1 suffers from multiple authenticated stored XSS vulnerabilities via the phoneNumber field in the 1 User Edit or 2 User Add form, 3 name field in the Role Add form, 4 name or number field in the Edit Group form, 5 tagKey or tagValue field in the Recording Rul...
CVE-2019-18223
ZOOM International Call Recording 6.3.1 suffers from multiple authenticated stored XSS vulnerabilities via the phoneNumber field in the 1 User Edit or 2 User Add form, 3 name field in the Role Add form, 4 name or number field in the Edit Group form, 5 tagKey or tagValue field in the Recording Rul...
Cross site scripting
ZOOM International Call Recording 6.3.1 suffers from multiple authenticated stored XSS vulnerabilities via the phoneNumber field in the 1 User Edit or 2 User Add form, 3 name field in the Role Add form, 4 name or number field in the Edit Group form, 5 tagKey or tagValue field in the Recording Rul...
CVE-2019-18223
The CVE-2019-18223 entry concerns Zoom Call Recording (version 6.3.1) and describes authenticated stored XSS vulnerabilities. Multiple input vectors are identified, including: (1) phoneNumber in User Edit/Add forms, (2) name in Role Add form, (3) name or number in Edit Group, (4) tagKey/tagValue ...
CVE-2019-18223
ZOOM International Call Recording 6.3.1 suffers from multiple authenticated stored XSS vulnerabilities via the phoneNumber field in the 1 User Edit or 2 User Add form, 3 name field in the Role Add form, 4 name or number field in the Edit Group form, 5 tagKey or tagValue field in the Recording Rul...
CVE-2019-10888
A CSRF Issue that can add an admin user was discovered in UKcms v1.1.10 via admin.php/admin/role/add.html...
CVE-2019-10888
A CSRF Issue that can add an admin user was discovered in UKcms v1.1.10 via admin.php/admin/role/add.html...
PbootCMS Cross-Site Request Forgery Vulnerability (CNVD-2018-12919)
PbootCMS is an open source enterprise building content management system CMS developed using the PHP language. A cross-site request forgery vulnerability exists in the apps/admin/controller/system/RoleController.php file in PbootCMS version 1.0.7. A remote attacker can exploit this vulnerability ...