18 matches found
EUVD-2024-52687
Malicious code in bioql PyPI...
EUVD-2024-52688
Malicious code in bioql PyPI...
CVE-2024-44916
Vulnerability in adminip.php in Seacms v13.1, when action=set, allows attackers to control IP parameters that are written to the data/admin/ip.php file and could result in arbitrary command execution...
CVE-2024-54879
SeaCMS V13.1 is vulnerable to Incorrect Access Control. A logic flaw can be exploited by an attacker to allow any user to recharge members indefinitely...
CVE-2024-54879
SeaCMS V13.1 is vulnerable to Incorrect Access Control. A logic flaw can be exploited by an attacker to allow any user to recharge members indefinitely...
CVE-2024-54879
SeaCMS V13.1 is vulnerable to Incorrect Access Control. A logic flaw can be exploited by an attacker to allow any user to recharge members indefinitely...
CVE-2024-54880
SeaCMS V13.1 is vulnerable to Incorrect Access Control. A logic flaw can be exploited by an attacker to allow any user to register accounts in bulk...
CVE-2024-54880
SeaCMS V13.1 is vulnerable to Incorrect Access Control. A logic flaw can be exploited by an attacker to allow any user to register accounts in bulk...
CVE-2024-44720
SeaCMS v13.1 was discovered to an arbitrary file read vulnerability via the component adminsafe.php...
CVE-2024-44721
SeaCMS v13.1 was discovered to a Server-Side Request Forgery SSRF via the url parameter at /adminreslib.php...
CVE-2024-44721
SeaCMS v13.1 was discovered to a Server-Side Request Forgery SSRF via the url parameter at /adminreslib.php...
CVE-2024-44721
SeaCMS v13.1 contains a Server-Side Request Forgery (SSRF) vulnerability in the url parameter of the /admin_reslib.php endpoint. The CVSS v3.1 vector (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) yields a base score of 9.8 (CRITICAL) with NETWORK attack, no authentication, and full impact on confidential...
CVE-2024-44720
SeaCMS v13.1 was discovered to an arbitrary file read vulnerability via the component adminsafe.php...
CVE-2024-44720
SeaCMS v13.1 was discovered to an arbitrary file read vulnerability via the component adminsafe.php...
CVE-2024-44916
Vulnerability in adminip.php in Seacms v13.1, when action=set, allows attackers to control IP parameters that are written to the data/admin/ip.php file and could result in arbitrary command execution...
CVE-2024-44916
Vulnerability in adminip.php in Seacms v13.1, when action=set, allows attackers to control IP parameters that are written to the data/admin/ip.php file and could result in arbitrary command execution...
CVE-2024-44916
Vulnerability in adminip.php in Seacms v13.1, when action=set, allows attackers to control IP parameters that are written to the data/admin/ip.php file and could result in arbitrary command execution...
CVE-2024-44916
This CVE affects SeaCMS Seacms v13.1, specifically the admin_ip.php page. When action=set is used, an attacker can control IP parameters written to data/admin/ip.php, enabling arbitrary command execution. The vulnerability is evidenced across multiple sources (NVD/Red Hat/CNNVD) with CVSSv3.1 bas...