Exploit for CVE-2025-47227

cve202547227...

EUVD-2025-20102

Malicious code in bioql PyPI...

EUVD-2025-20101

Malicious code in bioql PyPI...

EUVD-2022-53407

Malicious code in bioql PyPI...

EUVD-2025-8249

Malicious code in bioql PyPI...

EUVD-2025-27635

Malicious code in bioql PyPI...

EUVD-2024-49498

Malicious code in bioql PyPI...

EUVD-2024-49499

Malicious code in bioql PyPI...

EUVD-2024-49497

Malicious code in bioql PyPI...

CVE-2025-8691

The WP Scriptcase plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'url' parameter in all versions up to, and including, 2.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and...

CVE-2025-8691

The WP Scriptcase plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'url' parameter in all versions up to, and including, 2.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and...

CVE-2025-8691

The CVE-2025-8691 entry concerns WP Scriptcase for WordPress, with a Stored Cross-Site Scripting via the url parameter in all versions up to 2.0.0. The vulnerability requires authenticated access at Contributor level or higher and can cause arbitrary scripts to run in pages viewed by users. The r...

CVE-2025-8691 WP Scriptcase <= 2.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via url Parameter

The WP Scriptcase plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'url' parameter in all versions up to, and including, 2.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and...

WordPress WP Scriptcase plugin <= 2.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via url Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via url Parameter vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin WP Scriptcase versions = 2.0.0...

PT-2025-37137

The WP Scriptcase plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'url' parameter in all versions up to, and including, 2.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and...

WordPress plugin WP Scriptcase 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site...

Exploit for CVE-2025-47227

🔓 CVE-2025-47227 — Critical Admin Password Reset Bypass in Scr...

ScriptCase 9.12.006 (23) - Remote Command Execution (RCE)

Exploit Title: ScriptCase 9.12.006 23 - Remote Command Execution RCE Date: 04/07/2025 Exploit Author: Alexandre ZANNI noraj & Alexandre DROULLÉ cabir Vendor Homepage: https://www.scriptcase.net/ Software Link: https://www.scriptcase.net/download/ Version: 1.0.003-build-2 Production Environment /...

CVE-2025-47228

In the Production Environment extension in Netmake ScriptCase through 9.12.006 23, shell injection in the SSH connection settings allows authenticated attackers to execute system commands via crafted HTTP requests...

CVE-2025-47227

In the Production Environment extension in Netmake ScriptCase through 9.12.006 23, the Administrator password reset mechanism is mishandled. Making both a GET and a POST request to login.php.is sufficient. An unauthenticated attacker can then bypass authentication via administrator account takeov...