Lucene search
K

5 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.20 views

EUVD-2025-21386

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00357EPSS
Exploits0References1
NVD
NVD
added 2025/07/14 8:15 p.m.36 views

CVE-2025-53639

MeterSphere is an open source continuous testing platform. Prior to version 3.6.5-lts, the sortField parameter in certain API endpoints is not properly validated or sanitized. An attacker can supply crafted input to inject and execute arbitrary SQL statements through the sorting functionality. Th...

9.8CVSS0.00357EPSS
Exploits0References1
OSV
OSV
added 2025/07/14 8:4 p.m.4 views

CVE-2025-53639 Metersphere has SQL Injection Vulnerability in Sorting Field

MeterSphere is an open source continuous testing platform. Prior to version 3.6.5-lts, the sortField parameter in certain API endpoints is not properly validated or sanitized. An attacker can supply crafted input to inject and execute arbitrary SQL statements through the sorting functionality. Th...

7.2CVSS7.8AI score0.00357EPSS
Exploits0References3
CVE
CVE
added 2025/07/14 8:4 p.m.22 views

CVE-2025-53639

MeterSphere is affected by a SQL injection vulnerability in the sortField parameter of certain API endpoints, present in versions prior to 3.6.5-lts. The vulnerability arises from insufficient validation/sanitization of the sortField input, allowing an attacker to inject and execute arbitrary SQL...

9.8CVSS8AI score0.00357EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/07/14 12:0 a.m.3 views

PT-2025-29510 · Unknown · Metersphere

Name of the Vulnerable Software and Affected Versions: MeterSphere versions prior to 3.6.5-lts Description: MeterSphere, a continuous testing platform, contains a flaw due to improper validation or sanitization of the sortField parameter in specific API endpoints. This allows attackers to inject...

7.2CVSS7.4AI score0.00357EPSS
Exploits0References5
Rows per page
Query Builder