49 matches found
CVE-2022-37786
An issue was discovered in WeCube Platform 3.2.2. There are multiple CSV injection issues: the Home / Admin / Resources page, the Home / Admin / System Params page, and the Home / Design / Basekey Configuration page...
CVE-2022-37787
An issue was discovered in WeCube platform 3.2.2. A DOM XSS vulnerability has been found on the plugin database execution page...
EUVD-2022-33379
Malicious code in bioql PyPI...
EUVD-2022-40396
Malicious code in bioql PyPI...
EUVD-2022-40395
Malicious code in bioql PyPI...
EUVD-2021-32464
Malicious code in bioql PyPI...
EUVD-2022-40394
Malicious code in bioql PyPI...
CVE-2022-37785
An issue was discovered in WeCube Platform 3.2.2. Cleartext passwords are displayed in the configuration for terminal plugins...
CVE-2022-28945
An issue in Webbank WeCube v3.2.2 allows attackers to execute a directory traversal via a crafted ZIP file...
CVE-2021-45746
A Directory Traversal vulnerability exists in WeBankPartners wecube-platform 3.2.1 via the file variable in PluginPackageController.java...
CVE-2022-37786
An issue was discovered in WeCube Platform 3.2.2. There are multiple CSV injection issues: the Home / Admin / Resources page, the Home / Admin / System Params page, and the Home / Design / Basekey Configuration page...
CVE-2022-37785
An issue was discovered in WeCube Platform 3.2.2. Cleartext passwords are displayed in the configuration for terminal plugins...
CVE-2022-37787
An issue was discovered in WeCube platform 3.2.2. A DOM XSS vulnerability has been found on the plugin database execution page...
Design/Logic Flaw
An issue was discovered in WeCube Platform 3.2.2. Cleartext passwords are displayed in the configuration for terminal plugins...
Input validation
An issue was discovered in WeCube Platform 3.2.2. There are multiple CSV injection issues: the Home / Admin / Resources page, the Home / Admin / System Params page, and the Home / Design / Basekey Configuration page...
Cross site scripting
An issue was discovered in WeCube platform 3.2.2. A DOM XSS vulnerability has been found on the plugin database execution page...
WeCube 安全漏洞
WeCube is a set of open source , one-stop It architecture management and operation and maintenance management tools . It is used to simplify distributed architecture It management and can be extended with plugins. A security vulnerability exists in WeCube Platform version 3.2.2, which stems from...
WeCube 安全漏洞
WeCube is a set of open source , one-stop It architecture management and operation and maintenance management tools . Used to simplify the distributed architecture It management , and can be extended through plug-ins . A security vulnerability exists in WeCube Platform version 3.2.2, which stems...
CVE-2022-37785
An issue was discovered in WeCube Platform 3.2.2. Cleartext passwords are displayed in the configuration for terminal plugins...
PT-2023-13552 · Unknown · Wecube Platform
Name of the Vulnerable Software and Affected Versions: WeCube Platform version 3.2.2 Description: An issue was discovered where cleartext passwords are displayed in the configuration for terminal plugins. Recommendations: For WeCube Platform version 3.2.2, consider restricting access to the...