5 matches found
EUVD-2024-26732
Malicious code in bioql PyPI...
PT-2025-33500 · Drupal · Drupal Authenticator Login
Name of the Vulnerable Software and Affected Versions: Drupal Authenticator Login versions 0.0.0 through 2.1.3 Description: An Authentication Bypass Using an Alternate Path or Channel issue exists in Drupal Authenticator Login, allowing for Authentication Bypass. Recommendations: Update to versio...
CVE-2024-29737
In streampark, the project module integrates Maven's compilation capabilities. The input parameter validation is not strict, allowing attackers to insert commands for remote command execution, The prerequisite for a successful attack is that the user needs to log in to the streampark system and...
PT-2024-22784
Name of the Vulnerable Software and Affected Versions SoftwareX versions prior to 2.1.4 Description The issue allows a user to perform a template injection attack, resulting in Remote Code Execution on the server. This can be done after a successful login, making it a moderate-impact issue...
PT-2024-22741 · Unknown · Streampark
Name of the Vulnerable Software and Affected Versions: Streampark versions prior to 2.1.4 Description: The issue allows a user to obtain sensitive information, including usernames, passwords, and salt values of other users, after a successful login. This is due to the Backend service returning...