Lucene search
K

10 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2018-7730

Malware in sbrugna...

9.8CVSS9.3AI score0.01135EPSS
Exploits5References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-26862

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00825EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-26863

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00874EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-26859

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00856EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-26860

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00863EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:38 a.m.7 views

CVE-2023-29770

In Sentrifugo 3.5, the AssetsController::uploadsaveAction function allows an authenticated attacker to upload any file without extension filtering...

8.8CVSS6.8AI score0.00906EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:34 p.m.10 views

CVE-2020-26805

In Sentrifugo 3.2, admin can edit employee's informations via this endpoint -- /sentrifugo/index.php/empadditionaldetails/edit/userid/2. In this POST request, "employeeNumId" parameter is affected by SQLi vulnerability. Attacker can inject SQL commands into query, read data from database or write...

7.2CVSS7.8AI score0.01486EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 4:34 p.m.11 views

CVE-2020-26803

In Sentrifugo 3.2, users can upload an image under "Assets - Add" tab. This "Upload Images" functionality is suffered from "Unrestricted File Upload" vulnerability so attacker can upload malicious files using this functionality and control the server...

8.8CVSS7AI score0.01394EPSS
Exploits1
CNVD
CNVD
added 2024/03/26 12:0 a.m.8 views

Sentrifugo agencyids parameter SQL injection vulnerability

Sentrifugo is a human resource management system. The system includes functions for human resources management, performance appraisal, recruitment management and asset management. A SQL injection vulnerability exists in Sentrifugo version 3.2, which originates from a lack of validation of...

9.8CVSS7.9AI score0.00825EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2020/12/30 6:17 p.m.7 views

CVE-2020-28365

Sentrifugo 3.2 allows Stored Cross-Site Scripting XSS vulnerability by inserting a payload within the X-Forwarded-For HTTP header during the login process. When an administrator looks at logs, the payload is executed. NOTE: This vulnerability only affects products that are no longer supported by...

5.5AI score0.0069EPSS
Exploits0References2
Rows per page
Query Builder