6 matches found
EUVD-2022-0780
Malicious code in bioql PyPI...
CVE-2023-29918
RosarioSIS 10.8.4 is vulnerable to CSV injection via the Periods Module...
CVE-2020-15718
RosarioSIS 6.7.2 is vulnerable to XSS, caused by improper validation of user-supplied input by the PrintSchedules.php script. A remote attacker could exploit this vulnerability using the includeinactive parameter in a crafted URL...
RosarioSIS 7.6 - SQL Injection
Exploit Title: RosarioSIS 7.6 - SQL Injection Date: 2024-10-26 Exploit Author: CodeSecLab Vendor Homepage: https://gitlab.com/francoisjacquet/rosariosis Software Link: https://gitlab.com/francoisjacquet/rosariosis Version: 7.6 Tested on: Ubuntu Windows CVE : CVE-2021-44567 PoC: POST...
CVE-2023-29918
RosarioSIS 10.8.4 is vulnerable to CSV injection via the Periods Module...
PT-2023-16673 · Unknown · Rosariosis
Name of the Vulnerable Software and Affected Versions: rosariosis versions prior to 10.8.2 Description: The issue concerns exposure of sensitive information and improper access control in the GitHub repository francoisjacquet/rosariosis. Recommendations: For versions prior to 10.8.2, update to...