1244 matches found
EUVD-2025-9587
Malicious code in bioql PyPI...
EUVD-2022-3773
Malicious code in bioql PyPI...
EUVD-2024-50658
Malicious code in bioql PyPI...
EUVD-2024-32739
Malicious code in bioql PyPI...
EUVD-2023-59432
Malicious code in bioql PyPI...
EUVD-2025-24547
Malicious code in bioql PyPI...
Code-Projects Food Ordering Review System 安全漏洞
Code-Projects Food Ordering Review System is an open source food ordering review system from Code-Projects. A security vulnerability exists in Code-Projects Food Ordering Review System version 1.0, which stems from incorrect handling of input in the user-submitted ordering information area and...
GitLab 8.15 < 18.1.5 / 18.2 < 18.2.5 / 18.3 < 18.3.1 (CVE-2025-3601)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions from 8.15 before 18.1.5, 18.2 before 18.2.5, and 18.3 before 18.3.1 that could have could have allowed an authenticated user to caus...
CVE-2025-6184
The Tutor LMS Pro – eLearning and online course solution plugin for WordPress is vulnerable to time-based SQL Injection via the ‘order’ parameter used in the getsubmittedassignments function in all versions up to, and including, 3.7.0 due to insufficient escaping on the user supplied parameter an...
CVE-2025-6184
The Tutor LMS Pro – eLearning and online course solution plugin for WordPress is vulnerable to time-based SQL Injection via the ‘order’ parameter used in the getsubmittedassignments function in all versions up to, and including, 3.7.0 due to insufficient escaping on the user supplied parameter an...
CVE-2025-6184
CVE-2025-6184 : Tutor LMS Pro (WordPress)
PT-2025-32967 · WordPress · Tutor Lms Pro
Name of the Vulnerable Software and Affected Versions: Tutor LMS Pro versions prior to 3.7.1 Description: The Tutor LMS Pro plugin for WordPress is susceptible to a time-based SQL Injection issue. This occurs due to insufficient input validation and query preparation when handling the order...
GPT-SoVITS-WebUI code issue vulnerability (CNVD-2025-23578)
GPT-SoVITS-WebUI is a TTS training model. A code issue vulnerability exists in GPT-SoVITS-WebUI that stems from insecure deserialization of referencewebui.py when receiving serialized data submitted by a user, which can be exploited by an attacker to execute arbitrary commands on the system...
GPT-SoVITS-WebUI Code Issue Vulnerability
GPT-SoVITS-WebUI is a TTS training model. A code issue vulnerability exists in GPT-SoVITS-WebUI that stems from unsafe deserialization handling of the AudioPreDeEcho class when receiving serialized data submitted by the user, which can be exploited by an attacker to execute arbitrary commands on...
GPT-SoVITS-WebUI 代码问题漏洞
GPT-SoVITS-WebUI is a TTS training model. A code issue vulnerability exists in GPT-SoVITS-WebUI, which stems from unsafe deserialization handling of the AudioPre class when receiving user-submitted serialized data, and can be exploited by an attacker to execute arbitrary commands on the system...
GPT-SoVITS-WebUI 代码问题漏洞
GPT-SoVITS-WebUI is a TTS training model. A code issue vulnerability exists in GPT-SoVITS-WebUI that stems from insecure deserialization of referencewebui.py when receiving serialized data submitted by a user, which can be exploited by an attacker to execute arbitrary commands on the system...
Apache InLong 代码问题漏洞
Apache InLong is the U.S. Apache Apache Foundation's one-stop massive data integration framework. Provides automated, secure and reliable data transfer capabilities. A deserialization vulnerability exists in Apache InLong versions prior to 1.13.0 to 2.1.0. The vulnerability stems from unsafe...
CVE-2024-5002
The User Submitted Posts WordPress plugin before 20240516 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2023-7251
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jeff Starr User Submitted Posts allows Stored XSS.This issue affects User Submitted Posts: from n/a through 20230901...
CVE-2022-31049
TYPO3 is an open source web content management system. Prior to versions 9.5.34 ELTS, 10.4.29, and 11.5.11, user submitted content was used without being properly encoded in HTML emails sent to users. The actually affected components were mail clients used to view those messages. TYPO3 versions...