5 matches found
EUVD-2025-25191
Malicious code in bioql PyPI...
CVE-2025-51506
In the smartLibrary component of the HRForecast Suite 0.4.3, a SQL injection vulnerability was discovered in the valueKey parameter. This flaw enables any authenticated user to execute arbitrary SQL queries, via crafted payloads to valueKey to the api/smartlibrary/v2/en/dictionaries/options/looku...
CVE-2025-51506
In the smartLibrary component of the HRForecast Suite 0.4.3, a SQL injection vulnerability was discovered in the valueKey parameter. This flaw enables any authenticated user to execute arbitrary SQL queries, via crafted payloads to valueKey to the api/smartlibrary/v2/en/dictionaries/options/looku...
CVE-2025-51506
The CVE-2025-51506 affects HRForecast Suite 0.4.3, specifically the smartLibrary component. A SQL injection flaw resides in the valueKey parameter used by the API endpoint /api/smartlibrary/v2/en/dictionaries/options/lookup, enabling any authenticated user to craft payloads that execute arbitrary...
CVE-2025-51506
In the smartLibrary component of the HRForecast Suite 0.4.3, a SQL injection vulnerability was discovered in the valueKey parameter. This flaw enables any authenticated user to execute arbitrary SQL queries, via crafted payloads to valueKey to the api/smartlibrary/v2/en/dictionaries/options/looku...