134 matches found
EUVD-2018-3775
Malware in sbrugna...
EUVD-2017-2684
Malware in sbrugna...
EUVD-2019-0127
Malware in sbrugna...
EUVD-2021-25867
Malware in sbrugna...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: mysql (UTSA-2025-984981)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-984981 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: UDF. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0...
EUVD-2024-38917
Malicious code in bioql PyPI...
EUVD-2024-50893
Malicious code in bioql PyPI...
EUVD-2023-47750
Malicious code in bioql PyPI...
EUVD-2025-25399
Malicious code in bioql PyPI...
EUVD-2025-4916
Malicious code in bioql PyPI...
PT-2025-37016
Name of the Vulnerable Software and Affected Versions: WPGYM - Wordpress Gym Management System plugin for WordPress versions prior to 67.7.1 Description: The plugin is susceptible to privilege escalation due to missing validation on a user-controlled key within the MJ gmgt gmgt add user function...
parisc: Revise __get_user() to probe user read access
...
CVE-2025-9241
A weakness has been identified in elunez eladmin up to 2.7. This affects the function exportUser. This manipulation causes csv injection. The attack may be initiated remotely. The exploit has been made available to the public and could be exploited...
CVE-2025-9241 elunez eladmin exportUser csv injection
A weakness has been identified in elunez eladmin up to 2.7. This affects the function exportUser. This manipulation causes csv injection. The attack may be initiated remotely. The exploit has been made available to the public and could be exploited...
CVE-2025-9241
CVE-2025-9241 affects elunez eladmin up to version 2.7. The vulnerability resides in the exportUser function, which does not escape/export CSV content, enabling CSV injection. Exploitation can be remote and public exploits exist. Multiple connected sources corroborate the issue and identify the s...
CVE-2024-12481
A vulnerability was found in cjbi wetech-cms 1.0/1.1/1.2. It has been declared as critical. Affected by this vulnerability is the function findUser of the file wetech-cms-master\wetech-core\src\main\java\tech\wetech\cms\dao\UserDao.java. The manipulation of the argument searchValue/gId/rId leads ...
CVE-2024-7226
A vulnerability was found in SourceCodester Medicine Tracker System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /classes/Users.php?f=saveuser of the component Password Change Handler. The manipulation leads to cross-site request forgery. The attac...
CVE-2024-50637
UnoPim 0.1.3 and below is vulnerable to Cross Site Scripting XSS in the Create User function. This allows attackers to perform XSS via an SVG document, which can be used to steal cookies...
CVE-2022-2776
A vulnerability classified as problematic has been found in SourceCodester Gym Management System. Affected is an unknown function of the file deleteuser.php. The manipulation of the argument deleteuser leads to denial of service. It is possible to launch the attack remotely. The identifier of thi...
CVE-2025-4889
A vulnerability has been found in code-projects Tourism Management System 1.0 and classified as critical. This vulnerability affects the function AddUser of the component User Registration. The manipulation of the argument username/password leads to buffer overflow. Local access is required to...