42 matches found
EUVD-2022-2797
Malicious code in bioql PyPI...
CVE-2024-46639
A cross-site scripting (XSS) vulnerability in HelpDeskZ v2.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name text field of the Custom Fields message box...
Helpdeskz v2.0.2 - Stored XSS Vulnerability
Exploit Title: Stored XSS Vulnerability via File Name
Exploit Author: Md. Sadikul Islam
Vendor Homepage: https://www.helpdeskz.com/
Software Link: https://github.com/helpdesk-z/helpdeskz-dev/archive/2.0.2.zip
Version: v2.0.2
Tested on: Kali Linux / Firefox 115.1.0esr 64-bit
CVE: N/A
Payload: "...
CVE-2024-42612
Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/domainmanagement.php?whitelistadd...
CVE-2024-42616
Pligg CMS v2.0.2 is affected by a CSRF vulnerability exposed at /admin/admin_widgets.php?action=remove&widget=Statistics. The CVE-2024-42616 entry is supported by multiple feeds (NVD, OSV, CNVD, etc.) stating that the issue is a Cross-Site Request Forgery vulnerability in Pligg/Kliqqi CMS. The co...
CVE-2024-42621
Affected software: Pligg CMS v2.0.2 (also referred to as Kliqqi CMS in related records). Vulnerability type & vector: Cross-Site Request Forgery (CSRF) via the /admin/admin_editor.php endpoint. Root cause: Insufficient verification of the request origin/authorization allows an attacker to forge r...
CVE-2024-42606
Pligg CMS v2.0.2 is affected by a Cross-Site Request Forgery (CSRF) vulnerability exploitable via the admin_log.php?clear=1 endpoint. Root cause: requests are not adequately verified as coming from trusted users, enabling forged operations on behalf of victims. Public descriptions across Red Hat,...
Kliqqi CMS security vulnerability
Kliqqi CMS (Pligg CMS) is an open-source content management system from Kliqqi. Kliqqi CMS v2.0.2 contains a cross-site request forgery vulnerability, which stems from /admin/adminbackup.php?dobackup=database not adequately verifying that the request comes from a trusted user; an attacker...
CVE-2024-42607
Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/adminbackup.php?dobackup=database...
CVE-2024-42605
Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/editpage.php?linkid=1...
CVE-2023-36211
The vulnerability concerns Barebones CMS v2.0.2, where a Stored Cross-Site Scripting (XSS) flaw exists in the admin panel when an authenticated user interacts with certain features. Underlying cause and affected component are not detailed beyond this description in the provided documents. Exploit...
CVE-2023-37677
Pligg CMS v2.0.2 (also known as Kliqqi) was discovered to contain a remote code execution (RCE) vulnerability in the component admineditor.php...
Remote code execution
Pligg CMS v2.0.2 (also known as Kliqqi) was discovered to contain a remote code execution (RCE) vulnerability in the component admineditor.php...
CVE-2023-22319
A SQL injection vulnerability exists in the requestHandlers.js LoginAuth functionality of Milesight VPN v2.0.2. A specially crafted network request can lead to authentication bypass. An attacker can send a malicious packet to trigger this vulnerability...
CVE-2023-1361
SQL Injection in GitHub repository unilogies/bumsys prior to v2.0.2...
SQL injection
SQL Injection in GitHub repository unilogies/bumsys prior to v2.0.2...
CVE-2023-1362 Improper Restriction of Rendered UI Layers or Frames in unilogies/bumsys
Improper Restriction of Rendered UI Layers or Frames in GitHub repository unilogies/bumsys prior to v2.0.2...