PT-2025-47158
Name of the Vulnerable Software and Affected Versions: QaTraq version 6.9.2. Description: Authenticated users can upload arbitrary files through the "Add Attachment" feature within the "Test Script" module. The application does not restrict file types, allowing the upload of executable PHP files...
CVE-2025-63748
CVE-2025-63748 affects QaTraq 6.9.2. Authenticated users can upload arbitrary files via the Add Attachment feature in the Test Script module due to insufficient file-type restrictions. Uploaded files (e.g., executable PHP) can be accessed through View Attachment and may execute on the server, ind...
CVE-2025-63748
QaTraq 6.9.2 allows authenticated users to upload arbitrary files via the "Add Attachment" feature in the "Test Script" module. The application fails to restrict file types, enabling the upload of executable PHP files. Once uploaded, the file can be accessed through the "View Attachment" option,...
Exploit for SQL Injection in Sqlalchemy
What Part A - Prereqs - hud cli - Docker Part A - Setu...
EUVD-2025-24578
Malicious code in bioql PyPI...
EUVD-2024-1779
Malicious code in bioql PyPI...
EUVD-2025-30333
Malicious code in bioql PyPI...
CVE-2025-57644
Accela Automation Platform 22.2.3.0.230103 contains multiple vulnerabilities in the Test Script feature. An authenticated administrative user can execute arbitrary Java code on the server, resulting in remote code execution. In addition, improper input validation allows for arbitrary file write a...
CVE-2025-57644
Accela Automation Platform 22.2.3.0.230103 contains multiple vulnerabilities in the Test Script feature. An authenticated administrative user can execute arbitrary Java code on the server, resulting in remote code execution. In addition, improper input validation allows for arbitrary file write a...
PT-2025-38543
Name of the Vulnerable Software and Affected Versions: Accela Automation Platform version 22.2.3.0.230103. Description: Accela Automation Platform contains multiple issues within the Test Script feature. An authenticated administrative user can execute arbitrary Java code on the server, potentially...
CVE-2025-57644
Accela Automation Platform 22.2.3.0.230103 contains multiple vulnerabilities in the Test Script feature. An authenticated administrative user can execute arbitrary Java code on the server, resulting in remote code execution. In addition, improper input validation allows for arbitrary file write a...
Accela Automation Platform security vulnerability
Accela Automation Platform is an automation platform from Accela Canada. A security vulnerability exists in Accela Automation Platform version 22.2.3.0.230103, which stems from multiple issues with the Test Script functionality, including the ability to execute arbitrary Java code, improper...
CVE-2025-50611
A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN00473154 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wlsecset5g and wlsecrpset5g in the payload, which can cause the program to crash and potentially...
CVE-2025-50617
A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN0046ed68 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wpsset in the payload, which can cause the program to crash and potentially lead to a Denial of...
A vulnerability in the wget_test.asp script of the D-Link DI-7300G+ router firmware allows an attacker to execute arbitrary commands.
The vulnerability in the wget_test.asp script of the D-Link DI-7300G+ router firmware stems from a failure to neutralize special elements used in operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
Exploit for Use of Uninitialized Resource in Samba Rsync
CVE-2024-12085 Infoleak exploit Note, this exploit is not ver...
CVE-2025-7181
A vulnerability, which was classified as critical, was found in code-projects Staff Audit System 1.0. Affected is an unknown function of the file /test.php. The manipulation of the argument uploadedfile leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has be...
Exploit for CVE-2025-32965
It is an exploit module for CVE-2025-32965, a supply chain attac...
UBUNTU-CVE-2025-0650
A flaw was found in the Open Virtual Network (OVN). Specially crafted UDP packets may bypass egress access control lists (ACLs) in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized...
CVE-2024-56703
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix soft lockups in fib6_select_path under high next hop churn. Soft lockups have been observed on a cluster of Linux-based edge routers located in a highly dynamic environment. Using the bird service, these routers continuous...