27 matches found
EUVD-2025-16749
Malicious code in bioql PyPI...
EUVD-2025-16748
Malicious code in bioql PyPI...
EUVD-2025-16747
Malicious code in bioql PyPI...
CVE-2025-43925
An issue was discovered in Unicom Focal Point 7.6.1. The database is encrypted with a hardcoded key, making it easier to recover the cleartext data...
CVE-2025-43923
An issue was discovered in ReportController in Unicom Focal Point 7.6.1. A user who has administrative privilege in Focal Point can perform SQL injection via the image parameter during a delete report image operation...
CVE-2025-43924
Cross Site Scripting vulnerability was discovered in Unicom Focal Point 7.6.1. The val parameter in SettingController for /fp/admin/settings/loginpage and the rootserviceurl parameter in FriendsController for /fp/admin/settings/friends, entered by an admin, allow stored XSS...
CVE-2025-43925
An issue was discovered in Unicom Focal Point 7.6.1. The database is encrypted with a hardcoded key, making it easier to recover the cleartext data...
CVE-2025-43924
Cross Site Scripting vulnerability was discovered in Unicom Focal Point 7.6.1. The val parameter in SettingController for /fp/admin/settings/loginpage and the rootserviceurl parameter in FriendsController for /fp/admin/settings/friends, entered by an admin, allow stored XSS...
CVE-2025-43923
An issue was discovered in ReportController in Unicom Focal Point 7.6.1. A user who has administrative privilege in Focal Point can perform SQL injection via the image parameter during a delete report image operation...
CVE-2025-43923
An issue was discovered in ReportController in Unicom Focal Point 7.6.1. A user who has administrative privilege in Focal Point can perform SQL injection via the image parameter during a delete report image operation...
CVE-2025-43925
An issue was discovered in Unicom Focal Point 7.6.1. The database is encrypted with a hardcoded key, making it easier to recover the cleartext data...
CVE-2025-43924
Cross Site Scripting vulnerability was discovered in Unicom Focal Point 7.6.1. The val parameter in SettingController for /fp/admin/settings/loginpage and the rootserviceurl parameter in FriendsController for /fp/admin/settings/friends, entered by an admin, allow stored XSS...
CVE-2025-43924
Cross Site Scripting vulnerability was discovered in Unicom Focal Point 7.6.1. The val parameter in SettingController for /fp/admin/settings/loginpage and the rootserviceurl parameter in FriendsController for /fp/admin/settings/friends, entered by an admin, allow stored XSS...
CVE-2025-43923
An issue was discovered in ReportController in Unicom Focal Point 7.6.1. A user who has administrative privilege in Focal Point can perform SQL injection via the image parameter during a delete report image operation...
CVE-2025-43925
An issue was discovered in Unicom Focal Point 7.6.1. The database is encrypted with a hardcoded key, making it easier to recover the cleartext data...
CVE-2025-43923
An issue was discovered in ReportController in Unicom Focal Point 7.6.1. A user who has administrative privilege in Focal Point can perform SQL injection via the image parameter during a delete report image operation...
CVE-2025-43925
CVE-2025-43925 affects Unicom Focal Point 7.6.1. The issue is that the database is encrypted with a hardcoded key, which could allow recovery of plaintext data. Multiple connected sources corroborate the vulnerability, noting the same root cause and potential impact. There is no explicit exploit ...
CVE-2025-43924
Cross Site Scripting vulnerability was discovered in Unicom Focal Point 7.6.1. The val parameter in SettingController for /fp/admin/settings/loginpage and the rootserviceurl parameter in FriendsController for /fp/admin/settings/friends, entered by an admin, allow stored XSS...
CVE-2025-43925
An issue was discovered in Unicom Focal Point 7.6.1. The database is encrypted with a hardcoded key, making it easier to recover the cleartext data...
Unicom Focal Point 安全漏洞
Unicom Focal Point is a portfolio management and decision analysis tool from Unicom, Inc. for use by corporate and government agency product organizations. A security vulnerability exists in Unicom Focal Point version 7.6.1, which stems from the database being encrypted using a hard-coded key,...