EUVD-2025-14346

Malicious code in bioql PyPI...

MAL-2025-32149 Malicious code in respace-ui-layout (npm)

The package respace-ui-layout was found to contain malicious code...

Malicious code in respace-ui-layout (npm)

The package respace-ui-layout was found to contain malicious code...

CVE-2025-43003

SAP S/4 HANA allows an authenticated attacker with user privileges to configure a field not intended for their access and create a custom UI layout displaying this field. On performing this step the attacker could gain access to highly sensitive information. This could cause a high impact on...

CVE-2025-43003

SAP S/4 HANA allows an authenticated attacker with user privileges to configure a field not intended for their access and create a custom UI layout displaying this field. On performing this step the attacker could gain access to highly sensitive information. This could cause a high impact on...

Malicious code in sap.ui.layout (npm)

--- -= Per source details. Do not edit below this line.=-...

Sql injection

GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. UI layout preferences management can be hijacked to lead to SQL injection. This injection can be use to...

Account takeover via SQL Injection in UI layout preferences in GLPI

[email protected] reports: GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. UI layout preferences management can be hijacked to lead to SQL...

CVE-2023-41320 Account takeover via SQL Injection in UI layout preferences in GLPI

GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. UI layout preferences management can be hijacked to lead to SQL injection. This injection can be use to...

CVE-2023-41320 Account takeover via SQL Injection in UI layout preferences in GLPI

GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. UI layout preferences management can be hijacked to lead to SQL injection. This injection can be use to...

PT-2023-6823 · Glpi +2 · Glpi +2

Name of the Vulnerable Software and Affected Versions: GLPI versions prior to 10.0.10 Description: The issue is related to the management of UI layout preferences in GLPI, which can be hijacked to lead to SQL injection. This injection can be used to take over an administrator account. The...