
5 matches found

Cvelist
added 2026/03/19 8:55 p.m., 20 views

CVE-2026-32622 SQLBot: Remote Code Execution via Terminology Poisoning

SQLBot is an intelligent data query system based on a large language model and RAG. Versions 1.5.0 and below contain a Stored Prompt Injection vulnerability that chains three flaws: a missing permission check on the Excel upload API allowing any authenticated user to upload malicious terminology,...

8.6 CVSS, 0.00562 EPSS
Exploits: 1, References: 2
EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2025-32061

Malicious code in bioql PyPI...

9.2 CVSS, 6.6 AI score, 0.0465 EPSS
Exploits: 1, References: 2
RedhatCVE
added 2025/02/05 2:1 p.m., 9 views

CVE-2020-4043

phpMussel from versions 1.0.0 and less than 1.6.0 has an unserialization vulnerability in PHP's phar wrapper. Uploading a specially crafted file to an affected version allows arbitrary code execution (discovered, tested, and confirmed by myself), so the risk factor should be regarded as very high...

9.8 CVSS, 7.5 AI score, 0.02597 EPSS
Exploits: 0, References: 7
OSV
added 2020/06/10 8:15 p.m., 13 views

CVE-2020-4043

phpMussel from versions 1.0.0 and less than 1.6.0 has an unserialization vulnerability in PHP's phar wrapper. Uploading a specially crafted file to an affected version allows arbitrary code execution (discovered, tested, and confirmed by myself), so the risk factor should be regarded as very high...

9.8 CVSS, 9.8 AI score
Exploits: 0, References: 5
Cvelist
added 2020/06/10 7:40 p.m., 37 views

CVE-2020-4043 Phar unserialization vulnerability in phpMussel

phpMussel from versions 1.0.0 and less than 1.6.0 has an unserialization vulnerability in PHP's phar wrapper. Uploading a specially crafted file to an affected version allows arbitrary code execution (discovered, tested, and confirmed by myself), so the risk factor should be regarded as very high...

7.7 CVSS, 9.7 AI score, 0.02597 EPSS
Exploits: 0, References: 5