94 matches found
EUVD-2020-14149
Malware in sbrugna...
CVE-2025-8917 Path Traversal Leading to Remote Code Execution in allegroai/clearml
A vulnerability in allegroai/clearml version v2.0.1 allows for path traversal due to improper handling of symbolic and hard links in the safeextract function. This flaw can lead to arbitrary file writes outside the intended directory, potentially resulting in remote code execution if critical fil...
EUVD-2024-53511
Malicious code in bioql PyPI...
CVE-2024-11739
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Case Informatics Case ERP allows SQL Injection. This issue affects Case ERP: before V2.0.1...
CVE-2020-21377
SQL injection vulnerability in yunyecms V2.0.1 via the selcart parameter...
WordPress plugin WoWHead Tooltips Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...
CVE-2024-48548
The APK file in Cloud Smart Lock v2.0.1 has leaked a URL that can call an API for binding physical devices. This vulnerability allows attackers to arbitrarily construct a request to use the app to bind to unknown devices by finding a valid serial number via a bruteforce attack...
CVE-2024-44459
CVE-2024-44459 concerns VerneMQ 2.0.1 with a memory allocation issue that allows an attacker to cause a Denial of Service via excessive memory consumption. Connected sources (Red Hat, NVD, OSV, CNNVD, CVE records) consistently describe the same vulnerable version and impact, with no publicly docu...
CVE-2024-44459
A memory allocation issue in vernemq v2.0.1 allows attackers to cause a Denial of Service (DoS) via excessive memory consumption...
PopojiCMS Version 2.0.1 - Remote Command Execution Vulnerability
Exploit Title: PopojiCMS Version : 2.0.1 Remote Command Execution Exploit Author: tmrswrr Vendor Homepage: https://www.popojicms.org/ Software Link: https://github.com/PopojiCMS/PopojiCMS/archive/refs/tags/v2.0.1.zip Version: Version : 2.0.1 Tested on: https://www.softaculous.com/apps/cms/PopojiC...
GLSA-202401-32 : libaom: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202401-32 libaom: Multiple Vulnerabilities - AOM v2.0.1 was discovered to contain a stack buffer overflow via the component src/aomimage.c. CVE-2020-36129 - AOM v2.0.1 was discovered to contain a NULL pointer dereference via the...
Cross site request forgery (csrf)
IceCMS v2.0.1 is vulnerable to Cross Site Request Forgery (CSRF)...
CVE-2023-42188
IceCMS v2.0.1 is vulnerable to Cross-Site Request Forgery (CSRF). The issue originates from insufficient validation of request origin, enabling a malicious actor to forge requests that trigger sensitive operations. Public descriptions confirm CSRF vulnerability for IceCMS 2.0.1. Some sources sugg...
IceCMS Cross-Site Request Forgery Vulnerability
IceCMS is a content management system based on Spring Boot + Vue front-end and back-end separation. A cross-site request forgery vulnerability exists in IceCMS v2.0.1, which originates from a WEB application that does not adequately validate whether a request comes from a trusted user. An attack...
CVE-2023-42188
IceCMS v2.0.1 is vulnerable to Cross Site Request Forgery (CSRF)...
Debian DSA-5490-1 : aom - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5490 advisory. - AOM v2.0.1 was discovered to contain a NULL pointer dereference via the component av1/av1dxiface.c. CVE-2020-36130 - AOM v2.0.1 was discovered to contain a stac...
CVE-2023-36100
An issue was discovered in IceCMS version 2.0.1, allows attackers to escalate privileges and gain sensitive information via UserID parameter in api/User/ChangeUser...
CVE-2023-30172
A directory traversal vulnerability in the /get-artifact API method of the mlflow platform up to v2.0.1 allows attackers to read arbitrary files on the server via the path parameter...
CVE-2023-0995
Cross-site Scripting (XSS) - Stored in GitHub repository unilogies/bumsys prior to v2.0.1...