24 matches found
EUVD-2025-30215
Malicious code in bioql PyPI...
EUVD-2025-27243
Malicious code in bioql PyPI...
CVE-2025-59715
SMSEagle before 6.11 allows reflected XSS via a username or contact phone number...
CVE-2025-59715
SMSEagle before 6.11 allows reflected XSS via a username or contact phone number...
CVE-2025-59715
SMSEagle before 6.11 allows reflected XSS via a username or contact phone number...
PT-2025-38506
Name of the Vulnerable Software and Affected Versions SMSEagle versions prior to 6.11 Description SMSEagle is susceptible to a reflected cross-site scripting XSS issue. The vulnerability occurs through manipulation of a username or contact phone number. Recommendations Update to version 6.11 or...
CVE-2025-59715
SMSEagle before 6.11 allows reflected XSS via a username or contact phone number...
SMSEagle 跨站脚本漏洞
SMSEagle is a specialized hardware SMS gateway software for sending and receiving SMS messages from SMSEagle. A cross-site scripting vulnerability exists in SMSEagle versions prior to 6.11, which stems from an unauthenticated username or contact phone number and could lead to a reflected cross-si...
CVE-2025-59715
SMSEagle before 6.11 allows reflected XSS via a username or contact phone number...
CVE-2025-59715
SMSEagle prior to 6.11 is affected by a reflected XSS vulnerability that can be triggered via a username or a contact phone number. Affected software: SMSEagle before 6.11. Underlying cause: reflected XSS in input handling. Impact: potential client-side script execution. Exploitation details are ...
CVE-2025-10095
A SQL injection vulnerability has been identified in the SMPP server component of the SMSEagle firmware, specifically affecting the handling of certain parameters within the server's database interactions. The vulnerability is isolated to the SMPP server, which operates with its own dedicated...
CVE-2025-10095 SQL injection in SMPP component of SMSEagle firmware
A SQL injection vulnerability has been identified in the SMPP server component of the SMSEagle firmware, specifically affecting the handling of certain parameters within the server's database interactions. The vulnerability is isolated to the SMPP server, which operates with its own dedicated...
CVE-2025-10095
CVE-2025-10095 affects the SMSEagle firmware in the SMPP server component. The issue arises from improper sanitization of user input in the SMPP server scripts during database interactions, and is limited to the SMPP server’s dedicated database. The vulnerability’s impact is described as a SQL in...
CVE-2025-10095 SQL injection in SMPP component of SMSEagle firmware
A SQL injection vulnerability has been identified in the SMPP server component of the SMSEagle firmware, specifically affecting the handling of certain parameters within the server's database interactions. The vulnerability is isolated to the SMPP server, which operates with its own dedicated...
PT-2025-36721
Name of the Vulnerable Software and Affected Versions: SMSEagle versions prior to 6.11 Description: A SQL injection vulnerability exists in the SMPP server component of the SMSEagle firmware. The issue stems from improper sanitization of user input in the server's scripts during database...
SMSEagle SQL注入漏洞
SMSEagle is a professional hardware SMS gateway software for sending and receiving SMS messages from SMSEagle. A SQL injection vulnerability exists in SMSEagle versions prior to 6.11, which stems from improper user input cleanup and could lead to a SQL injection attack...
CVE-2024-37392
A stored Cross-Site Scripting XSS vulnerability has been identified in SMSEagle software version 6.0. The vulnerability arises because the application did not properly sanitize user input in the SMS messages in the inbox. This could allow an attacker to inject malicious JavaScript code into an SM...
CVE-2024-37392
A stored Cross-Site Scripting XSS vulnerability has been identified in SMSEagle software version 6.0. The vulnerability arises because the application did not properly sanitize user input in the SMS messages in the inbox. This could allow an attacker to inject malicious JavaScript code into an SM...
CVE-2024-37392
A stored Cross-Site Scripting XSS vulnerability has been identified in SMSEagle software version 6.0. The vulnerability arises because the application did not properly sanitize user input in the SMS messages in the inbox. This could allow an attacker to inject malicious JavaScript code into an SM...
CVE-2024-37392
CVE-2024-37392 describes a stored XSS in SMSEagle prior to version 6.0. The issue stems from improper sanitization of user input in SMS messages stored in the inbox, allowing injected JavaScript to execute when a message is viewed in the web-GUI. Impact is a client-side script execution risk with...