28 matches found
EUVD-2023-34753
Malicious code in bioql PyPI...
EUVD-2023-37674
Malicious code in bioql PyPI...
CVE-2023-26877
File upload vulnerability found in Softexpert Excellence Suite v.2.1 allows attackers to execute arbitrary code via a .php file upload to the form/efmsexechtml/fileuploadparser.php endpoint...
CVE-2023-33515
SoftExpert Excellence Suite 2.1.9 is vulnerable to Cross Site Scripting XSS via query screens...
CVE-2023-26877
File upload vulnerability found in Softexpert Excellence Suite v.2.1 allows attackers to execute arbitrary code via a .php file upload to the form/efmsexechtml/fileuploadparser.php endpoint...
CVE-2023-26877
File upload vulnerability found in Softexpert Excellence Suite v.2.1 allows attackers to execute arbitrary code via a .php file upload to the form/efmsexechtml/fileuploadparser.php endpoint...
CVE-2023-26877
Softexpert Excellence Suite v2.1 is affected by CVE-2023-26877. A file upload vulnerability exists in the form/efms_exec_html/file_upload_parser.php endpoint that allows an attacker to upload a PHP file to execute arbitrary code. The CVSSv3.1 vector is CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L...
SoftExpert Excellence Suite Security Vulnerability
SoftExpert Excellence Suite is a commercial suite from SoftExpert Brazil. A security vulnerability exists in Softexpert Excellence Suite version v.2.1, which stems from a file upload vulnerability that could allow an attacker to execute arbitrary code by uploading a .php file to the...
CVE-2023-26877
File upload vulnerability found in Softexpert Excellence Suite v.2.1 allows attackers to execute arbitrary code via a .php file upload to the form/efmsexechtml/fileuploadparser.php endpoint...
CVE-2023-33515
SoftExpert Excellence Suite 2.1.9 is vulnerable to Cross Site Scripting XSS via query screens...
CVE-2023-33515
SoftExpert Excellence Suite 2.1.9 is vulnerable to Cross Site Scripting XSS via query screens...
CVE-2023-33515
SoftExpert Excellence Suite 2.1.9 is vulnerable to Cross Site Scripting XSS via query screens...
Cross site scripting
SoftExpert Excellence Suite 2.1.9 is vulnerable to Cross Site Scripting XSS via query screens...
CVE-2023-33515
SoftExpert Excellence Suite 2.1.9 is vulnerable to Cross Site Scripting XSS via query screens...
CVE-2023-33515
CVE-2023-33515 affects SoftExpert Excellence Suite version 2.1.9, with a reported Cross-Site Scripting (XSS) vulnerability exploitable via query screens. The issue is described across multiple sources as an XSS in SoftExpert Suite 2.1.9, and the commonly cited attack path involves input that is r...
PT-2023-24372 · Softexpert · Softexpert Excellence Suite
Name of the Vulnerable Software and Affected Versions: SoftExpert Excellence Suite version 2.1.9 Description: The issue is related to Cross Site Scripting XSS and can be exploited via query screens. This means an attacker could potentially inject malicious scripts into the website, which would th...
CVE-2023-33515
SoftExpert Excellence Suite 2.1.9 is vulnerable to Cross Site Scripting XSS via query screens...
CVE-2023-30330
SoftExpert SE Excellence Suite 2.x versions before 2.1.3 is vulnerable to Local File Inclusion in the function /se/v42300/generic/gndefaultframe/2.0/defaultframefilter.php...
CVE-2023-30330
SoftExpert SE Excellence Suite 2.x versions before 2.1.3 is vulnerable to Local File Inclusion in the function /se/v42300/generic/gndefaultframe/2.0/defaultframefilter.php...
PT-2023-22638 · Softexpert · Softexpert Excellence Suite
Name of the Vulnerable Software and Affected Versions: SoftExpert SE Excellence Suite versions prior to 2.1.3 Description: The issue concerns Local File Inclusion in the function /se/v42300/generic/gn defaultframe/2.0/defaultframe filter.php. Recommendations: For versions prior to 2.1.3, update t...