Lucene search
K

23 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-30365

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00253EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.11 views

EUVD-2025-29108

Malicious code in bioql PyPI...

5.1CVSS4.8AI score0.00233EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/09/22 9:33 p.m.9 views

CVE-2025-10755

A vulnerability was detected in Selleo Mentingo 2025.08.27. The impacted element is an unknown function of the component Content-Type Handler. The manipulation of the argument userAvatar results in unrestricted upload. The attack may be performed from remote. The exploit is now public and may be...

6.5CVSS6.5AI score0.00239EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/22 12:21 p.m.9 views

CVE-2025-10741

A security vulnerability has been detected in Selleo Mentingo up to 2025.08.27. The affected element is an unknown function of the component Profile Picture Handler. The manipulation of the argument userAvatar leads to unrestricted upload. The attack is possible to be carried out remotely. The...

6.5CVSS6.5AI score0.00253EPSS
Exploits0References1
NVD
NVD
added 2025/09/20 9:15 p.m.4 views

CVE-2025-10755

A vulnerability was detected in Selleo Mentingo 2025.08.27. The impacted element is an unknown function of the component Content-Type Handler. The manipulation of the argument userAvatar results in unrestricted upload. The attack may be performed from remote. The exploit is now public and may be...

6.5CVSS0.00239EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/09/20 9:2 p.m.3 views

CVE-2025-10755 Selleo Mentingo Content-Type unrestricted upload

A vulnerability was detected in Selleo Mentingo 2025.08.27. The impacted element is an unknown function of the component Content-Type Handler. The manipulation of the argument userAvatar results in unrestricted upload. The attack may be performed from remote. The exploit is now public and may be...

6.5CVSS6.2AI score0.00239EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/09/20 9:2 p.m.12 views

CVE-2025-10755 Selleo Mentingo Content-Type unrestricted upload

A vulnerability was detected in Selleo Mentingo 2025.08.27. The impacted element is an unknown function of the component Content-Type Handler. The manipulation of the argument userAvatar results in unrestricted upload. The attack may be performed from remote. The exploit is now public and may be...

6.5CVSS0.00239EPSS
Exploits0References4
CVE
CVE
added 2025/09/20 9:2 p.m.15 views

CVE-2025-10755

CVE-2025-10755 affects Selleo Mentingo 2025.08.27, with the vulnerable component in the Content-Type Handler. The issue arises from manipulation of the argument userAvatar , leading to unrestricted file uploads. The attack is described as remote and publicly exploitable; multiple sources cite a p...

6.5CVSS6.2AI score0.00239EPSS
Exploits0References4
NVD
NVD
added 2025/09/20 12:15 p.m.3 views

CVE-2025-10741

A security vulnerability has been detected in Selleo Mentingo up to 2025.08.27. The affected element is an unknown function of the component Profile Picture Handler. The manipulation of the argument userAvatar leads to unrestricted upload. The attack is possible to be carried out remotely. The...

6.5CVSS0.00253EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/09/20 12:2 p.m.3 views

CVE-2025-10741 Selleo Mentingo Profile Picture unrestricted upload

A security vulnerability has been detected in Selleo Mentingo up to 2025.08.27. The affected element is an unknown function of the component Profile Picture Handler. The manipulation of the argument userAvatar leads to unrestricted upload. The attack is possible to be carried out remotely. The...

6.5CVSS6.2AI score0.00253EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/09/20 12:2 p.m.14 views

CVE-2025-10741 Selleo Mentingo Profile Picture unrestricted upload

A security vulnerability has been detected in Selleo Mentingo up to 2025.08.27. The affected element is an unknown function of the component Profile Picture Handler. The manipulation of the argument userAvatar leads to unrestricted upload. The attack is possible to be carried out remotely. The...

6.5CVSS0.00253EPSS
Exploits0References5
CVE
CVE
added 2025/09/20 12:2 p.m.14 views

CVE-2025-10741

CVE-2025-10741 affects Selleo Mentingo’s Profile Picture Handler. The root cause is manipulation of the userAvatar argument, enabling unrestricted file uploads in versions up to 2025.08.27 (before 2025.08.28). Exploitation is possible remotely and the exploit has been publicly disclosed, with PoC...

6.5CVSS6.2AI score0.00253EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/09/20 12:0 a.m.5 views

PT-2025-38637

Name of the Vulnerable Software and Affected Versions Selleo Mentingo versions prior to 2025.08.28 Description A security issue has been identified in Selleo Mentingo. The vulnerability resides in an unknown function within the Profile Picture Handler component. Manipulation of the userAvatar...

6.5CVSS6.1AI score0.00253EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2025/09/20 12:0 a.m.4 views

PT-2025-38639

Name of the Vulnerable Software and Affected Versions Selleo Mentingo version 2025.08.27 Description A vulnerability exists in Selleo Mentingo 2025.08.27 within the Content-Type Handler component. Manipulation of the userAvatar argument results in unrestricted upload, and the attack can be...

6.5CVSS6.2AI score0.00239EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/09/20 12:0 a.m.5 views

Selleo Mentingo 代码问题漏洞

Selleo Mentingo is an in-house training and employee development platform from the Polish company Selleo. A code issue vulnerability exists in Selleo Mentingo version 2025.08.27 and earlier, which stems from insufficient validation of the parameter userAvatar in the Profile Picture Handler...

6.5CVSS6.6AI score0.00253EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/09/20 12:0 a.m.5 views

Selleo Mentingo 代码问题漏洞

Selleo Mentingo is an in-house training and employee development platform from Selleo Poland. A code issue vulnerability exists in Selleo Mentingo version 2025.08.27, which stems from an insufficient restriction of the parameter userAvatar in the Content-Type Handler component, which could lead t...

6.5CVSS6.7AI score0.00239EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/09/16 4:32 a.m.12 views

CVE-2025-10388

A vulnerability was identified in Selleo Mentingo 2025.08.27. This issue affects some unknown processing of the file /api/course/enroll-course of the component Create New Course Basic Settings. Such manipulation of the argument Description leads to cross site scripting. The attack can be launched...

5.1CVSS5.5AI score0.00233EPSS
Exploits0References1
NVD
NVD
added 2025/09/14 4:15 a.m.6 views

CVE-2025-10388

A vulnerability was identified in Selleo Mentingo 2025.08.27. This issue affects some unknown processing of the file /api/course/enroll-course of the component Create New Course Basic Settings. Such manipulation of the argument Description leads to cross site scripting. The attack can be launched...

5.1CVSS0.00233EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/09/14 3:32 a.m.28 views

CVE-2025-10388 Selleo Mentingo Create New Course Basic Settings enroll-course cross site scripting

A vulnerability was identified in Selleo Mentingo 2025.08.27. This issue affects some unknown processing of the file /api/course/enroll-course of the component Create New Course Basic Settings. Such manipulation of the argument Description leads to cross site scripting. The attack can be launched...

5.1CVSS0.00233EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/09/14 3:32 a.m.4 views

CVE-2025-10388 Selleo Mentingo Create New Course Basic Settings enroll-course cross site scripting

A vulnerability was identified in Selleo Mentingo 2025.08.27. This issue affects some unknown processing of the file /api/course/enroll-course of the component Create New Course Basic Settings. Such manipulation of the argument Description leads to cross site scripting. The attack can be launched...

5.1CVSS3.7AI score0.00233EPSS
Exploits0References4
Rows per page
Query Builder