19 matches found
EUVD-2017-15067
Malware in sbrugna...
EUVD-2025-5921
Malicious code in bioql PyPI...
EUVD-2025-5488
Malicious code in bioql PyPI...
CVE-2024-42904
A cross-site scripting XSS vulnerability in SysPass 3.2.x allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name parameter at /Controllers/ClientController.php...
CVE-2025-25477
A host header injection vulnerability in SysPass 3.2x allows an attacker to load malicious JS files from an arbitrary domain which would be executed in the victim's browser...
CVE-2025-25476
A stored cross-site scripting XSS vulnerability in SysPass 3.2.x allows a malicious user with elevated privileges to execute arbitrary Javascript code by specifying a malicious XSS payload as a notification type or notification component...
CVE-2025-25476
A stored cross-site scripting XSS vulnerability in SysPass 3.2.x allows a malicious user with elevated privileges to execute arbitrary Javascript code by specifying a malicious XSS payload as a notification type or notification component...
CVE-2025-25478
The account file upload functionality in Syspass 3.2.x fails to properly handle special characters in filenames. This mismanagement leads to the disclosure of the web application s source code, exposing sensitive information such as the database password...
CVE-2025-25477
A host header injection vulnerability in SysPass 3.2x allows an attacker to load malicious JS files from an arbitrary domain which would be executed in the victim's browser...
CVE-2025-25477
A host header injection vulnerability in SysPass 3.2x allows an attacker to load malicious JS files from an arbitrary domain which would be executed in the victim's browser...
CVE-2025-25478
The account file upload functionality in Syspass 3.2.x fails to properly handle special characters in filenames. This mismanagement leads to the disclosure of the web application s source code, exposing sensitive information such as the database password...
CVE-2025-25478
The account file upload functionality in Syspass 3.2.x fails to properly handle special characters in filenames. This mismanagement leads to the disclosure of the web application s source code, exposing sensitive information such as the database password...
CVE-2025-25476
A stored cross-site scripting XSS vulnerability in SysPass 3.2.x allows a malicious user with elevated privileges to execute arbitrary Javascript code by specifying a malicious XSS payload as a notification type or notification component...
CVE-2025-25476
A stored cross-site scripting XSS vulnerability in SysPass 3.2.x allows a malicious user with elevated privileges to execute arbitrary Javascript code by specifying a malicious XSS payload as a notification type or notification component...
CVE-2025-25476
CVE-2025-25476 describes a stored cross-site scripting (XSS) vulnerability in SysPass 3.2.x. A malicious user with elevated privileges can execute arbitrary JavaScript by injecting a payload into the notification type or notification component. The affected software/version is SysPass 3.2.x; the ...
CVE-2025-25477
The CVE-2025-25477 entry concerns SysPass 3.2.x, where a host header injection flaw allows loading malicious JavaScript from an arbitrary domain that would execute in a victim’s browser. The root cause is host header injection in SysPass; impact is demonstrated as high confidentiality and integri...
CVE-2025-25477
A host header injection vulnerability in SysPass 3.2x allows an attacker to load malicious JS files from an arbitrary domain which would be executed in the victim's browser...
CVE-2025-25477
A host header injection vulnerability in SysPass 3.2x allows an attacker to load malicious JS files from an arbitrary domain which would be executed in the victim's browser...
sysPass 安全漏洞
sysPass is a system password manager by RubénD Personal Developer. A security vulnerability exists in sysPass version 3.2.x, which stems from vulnerability to cross-site scripting attacks. An attacker can exploit the vulnerability to execute arbitrary web script or HTML by injecting a specially...