EUVD-2025-24722

Malicious code in bioql PyPI...

PT-2025-34019 · Unknown · Bobbingwide Oik

Name of the Vulnerable Software and Affected Versions: bobbingwide oik versions through 4.15.2 Description: The software contains an Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' issue, allowing Reflected XSS. Recommendations: At the moment, there is no...

CVE-2025-54671

Cross-Site Request Forgery CSRF vulnerability in bobbingwide oik oik allows Cross Site Request Forgery.This issue affects oik: from n/a through = 4.15.2...

CVE-2025-54671

Cross-Site Request Forgery CSRF vulnerability in bobbingwide oik oik allows Cross Site Request Forgery.This issue affects oik: from n/a through = 4.15.2...

CVE-2025-54671 WordPress oik plugin <= 4.15.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in bobbingwide oik oik allows Cross Site Request Forgery.This issue affects oik: from n/a through = 4.15.2...

CVE-2025-54671 WordPress oik plugin <= 4.15.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in bobbingwide oik oik allows Cross Site Request Forgery.This issue affects oik: from n/a through = 4.15.2...

CVE-2025-46052

An error-based SQL Injection SQLi vulnerability in WebERP v4.15.2 allows attackers to execute arbitrary SQL command and extract sensitive data by injecting a crafted payload into the DEL form field in a POST request to /StockCounts.php...

CVE-2025-46053

A SQL Injection vulnerability in WebERP v4.15.2 allows attackers to execute arbitrary SQL commands and extract sensitive data by injecting a crafted payload into the ReportID and ReplaceReportID parameters within a POST request to /reportwriter/admin/ReportCreator.php...

CVE-2025-46052

An error-based SQL Injection SQLi vulnerability in WebERP v4.15.2 allows attackers to execute arbitrary SQL command and extract sensitive data by injecting a crafted payload into the DEL form field in a POST request to /StockCounts.php...

webERP 安全漏洞

webERP is an open source inventory and financial management system ERP system by Tim Schofield, an individual developer. The system supports inventory management, permission role management, order management and financial management. A security vulnerability exists in webERP version v4.15.2, whic...

CVE-2025-46052

An error-based SQL Injection SQLi vulnerability in WebERP v4.15.2 allows attackers to execute arbitrary SQL command and extract sensitive data by injecting a crafted payload into the DEL form field in a POST request to /StockCounts.php...

CVE-2024-7628 MStore API – Create Native Android & iOS Apps On The Cloud <= 4.15.2 - Authentication Bypass to Account Takeover

The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 4.15.2. This is due to the use of loose comparison in the 'verifyidtoken' function. This makes it possible for unauthenticated attackers to...

PT-2024-18121 · WordPress · Profilepress

Name of the Vulnerable Software and Affected Versions: ProfilePress plugin for WordPress versions up to, and including, 4.15.2 Description: The issue is related to Stored Cross-Site Scripting via the plugin's shortcodes due to insufficient input sanitization and output escaping on user-supplied...

WordPress ProfilePress Plugin <= 4.15.2 is vulnerable to Cross Site Scripting (XSS)

Software ProfilePress Type Plugin Vulnerable versions = 4.15.2 Fixed in 4.15.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1535 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 06caa12c0913 Credits Arkadiusz Hydzik Required...

Sharutils sharutils 'looks_like_c_code' function buffer overflow vulnerability

Sharutils is a free, open source tool suite maintained by GNU and designed for use under Unix and Linux operating systems. Sharutils sharutils unshar command A buffer overflow vulnerability exists in the 'lookslikeccode' function of the unshar.c file in version 4.15.2. An attacker can exploit thi...

Buffer overflow

Sharutils sharutils unshar command version 4.15.2 contains a Buffer Overflow vulnerability in Affected component on the file unshar.c at line 75, function lookslikeccode. Failure to perform checking of the buffer containing input line. that can result in Could lead to code execution. This attack...