66 matches found
EUVD-2015-1695
Malware in sbrugna...
EUVD-2010-2016
Malware in sbrugna...
EUVD-2010-4907
Malware in sbrugna...
EUVD-2015-0886
Malware in sbrugna...
EUVD-2025-23366
Malicious code in bioql PyPI...
EUVD-2025-25172
Malicious code in bioql PyPI...
CVE-2025-50567
Saurus CMS Community Edition 4.7.1 contains a vulnerability in the custom DB::prepare function, which uses preg_replace with the deprecated /e eval modifier to interpolate SQL query parameters. This leads to injection of user-controlled SQL statements, potentially leading to arbitrary PHP code...
CVE-2025-50567
Saurus CMS Community Edition 4.7.1 contains a vulnerability in the custom DB::prepare function, which uses preg_replace with the deprecated /e eval modifier to interpolate SQL query parameters. This leads to injection of user-controlled SQL statements, potentially leading to arbitrary PHP code...
CVE-2025-50567
Saurus CMS Community Edition 4.7.1 contains a vulnerability in the custom DB::prepare function, which uses preg_replace with the deprecated /e eval modifier to interpolate SQL query parameters. This leads to injection of user-controlled SQL statements, potentially leading to arbitrary PHP code...
CVE-2025-50567
Saurus CMS Community Edition 4.7.1 has a vulnerability in the custom DB::prepare() function that uses preg_replace() with the deprecated /e (eval) modifier to interpolate SQL query parameters. This allows injecting user-controlled SQL statements, potentially leading to arbitrary PHP code executio...
Saurus CMS Community Edition Security Vulnerability
Saurus CMS Community Edition is a content management system for Saurus individual developers. A security vulnerability exists in Saurus CMS Community Edition version 4.7.1, which stems from improper handling of SQL query parameters and could lead to SQL injection attacks...
CVE-2025-50567
Saurus CMS Community Edition 4.7.1 contains a vulnerability in the custom DB::prepare function, which uses preg_replace with the deprecated /e eval modifier to interpolate SQL query parameters. This leads to injection of user-controlled SQL statements, potentially leading to arbitrary PHP code...
PT-2025-33730 · Unknown · Saurus Cms Community Edition
Name of the Vulnerable Software and Affected Versions: Saurus CMS Community Edition version 4.7.1 Description: Saurus CMS Community Edition 4.7.1 contains an issue in the custom DB::prepare function. The function utilizes preg_replace with the deprecated /e eval modifier for SQL query parameter...
CVE-2025-52390
Saurus CMS Community Edition since commit d886e5b0 2010-04-23 is vulnerable to a SQL Injection vulnerability in the prepareSearchQuery method in FulltextSearch.class.php. The application directly concatenates user-supplied input $search_word into SQL queries without sanitization, allowing attacker...
CVE-2025-52390
Saurus CMS Community Edition since commit d886e5b0 2010-04-23 is vulnerable to a SQL Injection vulnerability in the prepareSearchQuery method in FulltextSearch.class.php. The application directly concatenates user-supplied input $search_word into SQL queries without sanitization, allowing attacker...
CVE-2025-52390
CVE-2025-52390 – Saurus CMS Community Edition is affected since commit d886e5b0 (2010-04-23). The vulnerability is a SQL Injection in the FulltextSearch.class.php -> prepareSearchQuery() where user input ($search_word) is directly concatenated into SQL queries without sanitization. This can al...
CVE-2025-52390
Saurus CMS Community Edition since commit d886e5b0 2010-04-23 is vulnerable to a SQL Injection vulnerability in the prepareSearchQuery method in FulltextSearch.class.php. The application directly concatenates user-supplied input $search_word into SQL queries without sanitization, allowing attacker...
Saurus CMS Community Edition Security Vulnerability
Saurus CMS Community Edition is a content management system for Saurus individual developers. A security vulnerability exists in Saurus CMS Community Edition version d886e5b0 and later versions, which stems from a failure to clean up user input in the prepareSearchQuery method in...
CVE-2025-52390
Saurus CMS Community Edition since commit d886e5b0 2010-04-23 is vulnerable to a SQL Injection vulnerability in the prepareSearchQuery method in FulltextSearch.class.php. The application directly concatenates user-supplied input $search_word into SQL queries without sanitization, allowing attacker...
PT-2025-31648 · Unknown · Saurus Cms Community Edition
Name of the Vulnerable Software and Affected Versions: Saurus CMS Community Edition versions since commit d886e5b0 2010-04-23 Description: Saurus CMS Community Edition is susceptible to a SQL Injection issue due to the direct concatenation of user-supplied input $search_word into SQL queries with...