33 matches found
EUVD-2025-12206
Malicious code in bioql PyPI...
EUVD-2024-26329
Malicious code in bioql PyPI...
EUVD-2025-12265
Malicious code in bioql PyPI...
CVE-2024-29318
Volmarg Personal Management System 1.4.64 is vulnerable to stored cross site scripting XSS via upload of a SVG file with embedded javascript code...
CVE-2024-29319
Volmarg Personal Management System 1.4.64 is vulnerable to SSRF Server Side Request Forgery via uploading a SVG file. The server can make unintended HTTP and DNS requests to a server that the attacker controls...
CVE-2025-28355
Volmarg Personal Management System 1.4.65 is vulnerable to Cross Site Request Forgery CSRF allowing attackers to execute arbitrary code and obtain sensitive information via the SameSite cookie attribute defaults value set to none...
CVE-2024-53568
A stored cross-site scripting XSS vulnerability in the Image Upload section of Volmarg Personal Management System v1.4.65 allows authenticated attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the tag parameter...
CVE-2024-53569
A stored cross-site scripting XSS vulnerability in the New Goal Creation section of Volmarg Personal Management System v1.4.65 allows authenticated attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the description parameter...
CVE-2024-53568
A stored cross-site scripting XSS vulnerability in the Image Upload section of Volmarg Personal Management System v1.4.65 allows authenticated attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the tag parameter...
CVE-2024-53569
A stored cross-site scripting XSS vulnerability in the New Goal Creation section of Volmarg Personal Management System v1.4.65 allows authenticated attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the description parameter...
CVE-2024-53569
A stored cross-site scripting XSS vulnerability in the New Goal Creation section of Volmarg Personal Management System v1.4.65 allows authenticated attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the description parameter...
CVE-2024-53568
A stored cross-site scripting XSS vulnerability in the Image Upload section of Volmarg Personal Management System v1.4.65 allows authenticated attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the tag parameter...
PT-2025-17585 · Unknown · Volmarg Personal Management System
Name of the Vulnerable Software and Affected Versions: Volmarg Personal Management System version 1.4.65 Description: A stored cross-site scripting XSS issue exists in the New Goal Creation section, allowing authenticated attackers to execute arbitrary web scripts or HTML by injecting a crafted...
CVE-2024-53569
A stored cross-site scripting XSS vulnerability in the New Goal Creation section of Volmarg Personal Management System v1.4.65 allows authenticated attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the description parameter...
CVE-2024-53568
A stored cross-site scripting XSS vulnerability in the Image Upload section of Volmarg Personal Management System v1.4.65 allows authenticated attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the tag parameter...
CVE-2024-53568
CVE-2024-53568 describes a stored XSS in Volmarg Personal Management System v1.4.65, via the Image Upload section where an attacker can inject a payload into the tag parameter. Affected component is the Image Upload/tag handling; root cause is input handling in the tag parameter. Impact as per so...
CVE-2025-28355
Volmarg Personal Management System 1.4.65 is vulnerable to Cross Site Request Forgery CSRF allowing attackers to execute arbitrary code and obtain sensitive information via the SameSite cookie attribute defaults value set to none...
CVE-2025-28355
Volmarg Personal Management System 1.4.65 is vulnerable to Cross Site Request Forgery CSRF allowing attackers to execute arbitrary code and obtain sensitive information via the SameSite cookie attribute defaults value set to none...
CVE-2025-28355
CVE-2025-28355 affects Volmarg Personal Management System 1.4.65. The root cause is CSRF due to the SameSite cookie attribute defaults being set to None, enabling attackers to perform actions on behalf of authenticated users and potentially access/alter data. The CVSS v3.1 base score is 4.7 (Medi...
PT-2025-17332 · Unknown · Volmarg Personal Management System
Name of the Vulnerable Software and Affected Versions: Volmarg Personal Management System version 1.4.65 Description: The issue allows attackers to execute arbitrary code and obtain sensitive information via the SameSite cookie attribute defaults value set to none. This is related to Cross Site...