32 matches found
EUVD-2020-11419
Malware in sbrugna...
CVE-2025-22926
An issue in OS4ED openSIS v8.0 through v9.1 allows attackers to execute a directory traversal by sending a crafted POST request to /Modules.php?modname=messaging/Inbox.php=save...
CVE-2024-46626
OS4ED openSIS-Classic v9.1 was discovered to contain a SQL injection vulnerability via a crafted payload...
CVE-2024-30321
A vulnerability has been identified in SIMATIC PCS 7 V9.1 All versions V9.1 SP2 UC05, SIMATIC WinCC Runtime Professional V18 All versions V18 Update 5, SIMATIC WinCC Runtime Professional V19 All versions V19 Update 2, SIMATIC WinCC V7.4 All versions V7.4 SP1 Update 23, SIMATIC WinCC V7.5 All...
CVE-2024-1522
CVE-2024-1522 affects the parisneo/lollms-webui project. The vulnerability is a CSRF in the /execute_code endpoint that fails to validate requests, allowing an attacker to craft a malicious page that submits commands to the victim's local lollms-webui instance and execute arbitrary OS commands. T...
CVE-2020-10130
SearchBlox before Version 9.1 is vulnerable to business logic bypass where the user is able to create multiple super admin users in the system...
Code injection
An authenticated user could execute code via a SQLi vulnerability in waimairenCMS before version 9.1...
CVE-2021-40363
A vulnerability has been identified in SIMATIC PCS 7 V8.2 All versions, SIMATIC PCS 7 V9.0 All versions, SIMATIC PCS 7 V9.1 All versions V9.1 SP1, SIMATIC WinCC V15 and earlier All versions V15 SP1 Update 7, SIMATIC WinCC V16 All versions V16 Update 5, SIMATIC WinCC V17 All versions V17 Update 2,...
CVE-2020-19515
qdPM V9.1 is vulnerable to Cross Site Scripting (XSS) via qdPM\install\modules\databaseconfig.php...
Cross site scripting
qdPM V9.1 is vulnerable to Cross Site Scripting (XSS) via qdPM\install\modules\databaseconfig.php...
CVE-2020-19515
qdPM 9.1 is vulnerable to Cross-Site Scripting via qdPM\install\modules\database_config.php. The root cause is insufficient validation of user-supplied data in that configuration file, enabling injection of malicious scripts into pages viewed by users. Impact could include data theft, session hij...
CVE-2020-26165
qdPM through 9.1 allows PHP Object Injection via timeReportActions::executeExport in core/apps/qdPM/modules/timeReport/actions/actions.class.php because unserialize is used...
Remote code execution
Tobesoft XPlatform v9.1, 9.2.0, 9.2.1 and 9.2.2 have a vulnerability that can load unauthorized DLL files. It allows an attacker to cause remote code execution...
CVE-2019-19166 Tobesoft XPlatform Arbitrary File Execution Vulnerability
Tobesoft XPlatform v9.1, 9.2.0, 9.2.1 and 9.2.2 have a vulnerability that can load unauthorized DLL files. It allows an attacker to cause remote code execution...
CVE-2020-9008
Stored Cross-site scripting (XSS) vulnerability in Blackboard Learn/PeopleTool v9.1 allows users to inject arbitrary web script via the Tile widget in the People Tool profile editor...
Cross site scripting
Stored Cross-site scripting (XSS) vulnerability in Blackboard Learn/PeopleTool v9.1 allows users to inject arbitrary web script via the Tile widget in the People Tool profile editor...
CVE-2020-9008
CVE-2020-9008: Stored XSS in Blackboard Learn/PeopleTool v9.1 via the Tile widget in the People Tool profile editor. Root cause described in CNVD as lack of proper validation of client-side data. Impact per sources: ability to execute client-side code. No explicit remediation details are provide...
Security Bulletin: IBM MQ is vulnerable to a denial of service attack caused by an error within the tracing functionality. (CVE-2019-4491)
Summary: An error was found within the IBM MQ tracing functionality that would allow an attacker to execute a denial of service attack against IBM MQ. Vulnerability Details: CVEID: CVE-2019-4491. DESCRIPTION: IBM MQ is vulnerable to a denial of service attack caused by an error within the tracing...