EUVD-2010-3104

Malware in sbrugna...

EUVD-2024-27545

Malicious code in bioql PyPI...

EUVD-2024-27548

Malicious code in bioql PyPI...

EUVD-2024-27536

Malicious code in bioql PyPI...

EUVD-2024-27539

Malicious code in bioql PyPI...

EUVD-2024-27538

Malicious code in bioql PyPI...

EUVD-2024-27541

Malicious code in bioql PyPI...

EUVD-2024-27533

Malicious code in bioql PyPI...

EUVD-2024-27544

Malicious code in bioql PyPI...

EUVD-2024-27546

Malicious code in bioql PyPI...

EUVD-2024-27547

Malicious code in bioql PyPI...

CVE-2024-2599

File upload restriction evasion vulnerability in AMSS++ version 4.31. This vulnerability could allow an authenticated user to potentially obtain RCE through webshell, compromising the entire infrastructure...

CVE-2024-2593

Vulnerability in AMSS++ version 4.31, which does not sufficiently encode user-controlled input, resulting in a Cross-Site Scripting XSS vulnerability through /amssplus/modules/book/main/bookdetailgroup.php, in the 'bid' parameter. This vulnerability could allow a remote attacker to send a special...

CVE-2024-2598

CVE-2024-2598 affects AMSS++ version 4.31, with a Cross-Site Scripting (XSS) vulnerability due to insufficient encoding of user-controlled input in multiple parameters of the /amssplus/modules/book/main/select_send_2.php endpoint. Exploitation could allow a remote attacker to lure an authenticate...

CVE-2024-2596 Cross-Site Scripting (XSS) in AMSS++

Vulnerability in AMSS++ version 4.31, which does not sufficiently encode user-controlled input, resulting in a Cross-Site Scripting XSS vulnerability through /amssplus/modules/mail/main/selectsend.php, in multiple parameters. This vulnerability could allow a remote attacker to send a specially...

CVE-2024-2592 SQL injection vulnerability in AMSS++

Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/person/picshow.php, in the 'personid' parameter. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB...

CVE-2024-2589 SQL injection vulnerability in AMSS++

Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/book/main/bookdetailschoolperson.php, in multiple parameters. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in th...

CVE-2024-2588

CVE-2024-2588 concerns AMSS++ v4.31 with an SQL injection in the /amssplus/admin/index.php endpoint via the id parameter. Exploitation could allow a remote attacker to craft SQL queries and retrieve data from the database. The connected sources consistently describe the vulnerability as SQLi in t...

CVE-2024-2586 SQL injection vulnerability in AMSS++

Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/index.php, in the 'username' parameter. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB...

CVE-2024-2585 SQL injection vulnerability in AMSS++

Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/book/main/selectsend2.php, in the 'sdindex' parameter. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB...