191 matches found
EUVD-2025-8714
Malicious code in bioql PyPI...
EUVD-2025-8716
Malicious code in bioql PyPI...
EUVD-2023-35984
Malicious code in bioql PyPI...
EUVD-2024-49448
Malicious code in bioql PyPI...
EUVD-2025-15031
Malicious code in bioql PyPI...
EUVD-2025-15029
Malicious code in bioql PyPI...
EUVD-2025-15030
Malicious code in bioql PyPI...
CVE-2025-5149
A vulnerability was found in WCMS up to 8.3.11. It has been declared as critical. Affected by this vulnerability is the function getMemberByUid of the file /index.php?articleadmin/getallcon of the component Login. The manipulation of the argument uid leads to improper authentication. The attack c...
CVE-2025-5149
A vulnerability was found in WCMS up to 8.3.11. It has been declared as critical. Affected by this vulnerability is the function getMemberByUid of the file /index.php?articleadmin/getallcon of the component Login. The manipulation of the argument uid leads to improper authentication. The attack c...
CVE-2025-5149
CVE-2025-5149 affects WCMS up to version 8.3.11, specifically the Login component’s getMemberByUid function in /index.php?articleadmin/getallcon. The vulnerability stems from manipulating the uid parameter, causing improper authentication. Attacks can be launched remotely with high attack complex...
CVE-2025-5149 WCMS Login getallcon getMemberByUid improper authentication
A vulnerability was found in WCMS up to 8.3.11. It has been declared as critical. Affected by this vulnerability is the function getMemberByUid of the file /index.php?articleadmin/getallcon of the component Login. The manipulation of the argument uid leads to improper authentication. The attack c...
CVE-2025-5149 WCMS Login getallcon getMemberByUid improper authentication
A vulnerability was found in WCMS up to 8.3.11. It has been declared as critical. Affected by this vulnerability is the function getMemberByUid of the file /index.php?articleadmin/getallcon of the component Login. The manipulation of the argument uid leads to improper authentication. The attack c...
PT-2025-22860 · Wcms · Wcms
Name of the Vulnerable Software and Affected Versions: WCMS versions up to 8.3.11 Description: A critical issue has been found in the Login component, specifically affecting the getMemberByUid function. The manipulation of the uid argument leads to improper authentication, allowing for remote...
WCMS 授权问题漏洞
WCMS is a content management system CMS from the individual developers at Vedegis. An authorization issue vulnerability exists in WCMS version 8.3.11 and earlier, which stems from improper authentication due to incorrect manipulation of the parameter uid in file/index.php?articleadmin/getallcon...
CVE-2024-8875
A vulnerability classified as critical was found in vedees wcms up to 0.3.2. Affected by this vulnerability is an unknown functionality of the file /wex/finder.php. The manipulation of the argument p leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to t...
CVE-2020-24139
Server-side request forgery in Wcms 0.3.2 lets an attacker send crafted requests from the back-end server of a vulnerable web application via the path parameter to wex/cssjs.php. It can help identify open ports, local network hosts and execute command on local services...
CVE-2020-19902
Directory Traversal vulnerability found in Cryptoprof WCMS v.0.3.2 allows a remote attacker to execute arbitrary code via the wex/cssjs.php parameter...
CVE-2020-24136
Directory traversal in Wcms 0.3.2 allows an attacker to read arbitrary files on the server that is running an application via the pagename parameter to wex/html.php...
CVE-2019-14240
WCMS v0.3.2 has a CSRF vulnerability, with resultant directory traversal, to modify index.html via the /wex/html.php?finish=../index.html URI...
CVE-2019-11377
wcms/wex/finder/action.php in WCMS v0.3.2 has a Arbitrary File Upload Vulnerability via developer/finder because .php is a valid extension according to the fmgettextexts function...