Lucene search
K

191 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-8714

Malicious code in bioql PyPI...

4.8CVSS4AI score0.00337EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-8716

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00492EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-35984

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.2022EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-49448

Malicious code in bioql PyPI...

9.1CVSS5.7AI score0.00853EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-15031

Malicious code in bioql PyPI...

7.2CVSS5AI score0.00404EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-15029

Malicious code in bioql PyPI...

9.8CVSS7.5AI score0.00567EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.20 views

EUVD-2025-15030

Malicious code in bioql PyPI...

9.8CVSS7.5AI score0.00455EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/05/27 2:35 p.m.10 views

CVE-2025-5149

A vulnerability was found in WCMS up to 8.3.11. It has been declared as critical. Affected by this vulnerability is the function getMemberByUid of the file /index.php?articleadmin/getallcon of the component Login. The manipulation of the argument uid leads to improper authentication. The attack c...

8.1CVSS7AI score0.00517EPSS
Exploits1References1
NVD
NVD
added 2025/05/25 1:15 p.m.13 views

CVE-2025-5149

A vulnerability was found in WCMS up to 8.3.11. It has been declared as critical. Affected by this vulnerability is the function getMemberByUid of the file /index.php?articleadmin/getallcon of the component Login. The manipulation of the argument uid leads to improper authentication. The attack c...

8.1CVSS0.00517EPSS
Exploits1References4
CVE
CVE
added 2025/05/25 1:0 p.m.60 views

CVE-2025-5149

CVE-2025-5149 affects WCMS up to version 8.3.11, specifically the Login component’s getMemberByUid function in /index.php?articleadmin/getallcon. The vulnerability stems from manipulating the uid parameter, causing improper authentication. Attacks can be launched remotely with high attack complex...

8.1CVSS5.6AI score0.00517EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2025/05/25 1:0 p.m.17 views

CVE-2025-5149 WCMS Login getallcon getMemberByUid improper authentication

A vulnerability was found in WCMS up to 8.3.11. It has been declared as critical. Affected by this vulnerability is the function getMemberByUid of the file /index.php?articleadmin/getallcon of the component Login. The manipulation of the argument uid leads to improper authentication. The attack c...

6.3CVSS0.00517EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/05/25 1:0 p.m.14 views

CVE-2025-5149 WCMS Login getallcon getMemberByUid improper authentication

A vulnerability was found in WCMS up to 8.3.11. It has been declared as critical. Affected by this vulnerability is the function getMemberByUid of the file /index.php?articleadmin/getallcon of the component Login. The manipulation of the argument uid leads to improper authentication. The attack c...

6.3CVSS5.6AI score0.00517EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/05/25 12:0 a.m.7 views

PT-2025-22860 · Wcms · Wcms

Name of the Vulnerable Software and Affected Versions: WCMS versions up to 8.3.11 Description: A critical issue has been found in the Login component, specifically affecting the getMemberByUid function. The manipulation of the uid argument leads to improper authentication, allowing for remote...

8.1CVSS5.4AI score0.00517EPSS
Exploits1References11
CNNVD
CNNVD
added 2025/05/25 12:0 a.m.5 views

WCMS 授权问题漏洞

WCMS is a content management system CMS from the individual developers at Vedegis. An authorization issue vulnerability exists in WCMS version 8.3.11 and earlier, which stems from improper authentication due to incorrect manipulation of the parameter uid in file/index.php?articleadmin/getallcon...

8.1CVSS5.8AI score0.00517EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/05/23 10:33 a.m.15 views

CVE-2024-8875

A vulnerability classified as critical was found in vedees wcms up to 0.3.2. Affected by this vulnerability is an unknown functionality of the file /wex/finder.php. The manipulation of the argument p leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to t...

9.1CVSS6.8AI score0.00853EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:31 p.m.13 views

CVE-2020-24139

Server-side request forgery in Wcms 0.3.2 lets an attacker send crafted requests from the back-end server of a vulnerable web application via the path parameter to wex/cssjs.php. It can help identify open ports, local network hosts and execute command on local services...

8.3CVSS7AI score0.01051EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 4:28 p.m.10 views

CVE-2020-19902

Directory Traversal vulnerability found in Cryptoprof WCMS v.0.3.2 allows a remote attacker to execute arbitrary code via the wex/cssjs.php parameter...

9.8CVSS7.9AI score0.01935EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 4:9 p.m.9 views

CVE-2020-24136

Directory traversal in Wcms 0.3.2 allows an attacker to read arbitrary files on the server that is running an application via the pagename parameter to wex/html.php...

8.6CVSS6.8AI score0.02223EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 8:28 a.m.9 views

CVE-2019-14240

WCMS v0.3.2 has a CSRF vulnerability, with resultant directory traversal, to modify index.html via the /wex/html.php?finish=../index.html URI...

8.1CVSS6.9AI score0.00844EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:9 a.m.10 views

CVE-2019-11377

wcms/wex/finder/action.php in WCMS v0.3.2 has a Arbitrary File Upload Vulnerability via developer/finder because .php is a valid extension according to the fmgettextexts function...

8.8CVSS6.8AI score0.0175EPSS
Exploits1References1
Rows per page
Query Builder