3 matches found
EUVD-2024-50570
Malicious code in bioql PyPI...
CVE-2025-53930 WeGIA vulnerable to Stored Cross-Site Scripting (XSS) via endpoint 'adicionar_especie.php' parameter 'especie'
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the adicionar_especie.php endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers to inje...
CVE-2022-43396 Apache Kylin: Command injection by Useless configuration
In the fix for CVE-2022-24697, a blacklist is used to filter user input commands. But there is a risk of being bypassed. The user can control the command by controlling the kylin.engine.spark-cmd parameter of conf...