16 matches found
EUVD-2025-24136
Malicious code in bioql PyPI...
EUVD-2025-25340
Malicious code in bioql PyPI...
CVE-2025-50904
There is an authentication bypass vulnerability in WinterChenS my-site thru commit 6c79286 2025-06-11. An attacker can exploit this vulnerability to access /admin/ API without any token...
CVE-2025-50904
There is an authentication bypass vulnerability in WinterChenS my-site thru commit 6c79286 2025-06-11. An attacker can exploit this vulnerability to access /admin/ API without any token...
CVE-2025-50904
There is an authentication bypass vulnerability in WinterChenS my-site thru commit 6c79286 2025-06-11. An attacker can exploit this vulnerability to access /admin/ API without any token...
CVE-2025-50904
There is an authentication bypass vulnerability in WinterChenS my-site thru commit 6c79286 2025-06-11. An attacker can exploit this vulnerability to access /admin/ API without any token...
CVE-2025-50904
There is an authentication bypass vulnerability in WinterChenS my-site thru commit 6c79286 2025-06-11. An attacker can exploit this vulnerability to access /admin/ API without any token...
CVE-2025-8838
WinterChenS my-site (Backend Interface) is affected in the preHandle function for /admin/. The flaw arises from manipulating the uri argument, causing improper authentication. Exploitation is described as remote and publicly disclosed, with the real existence of the vulnerability doubted in some ...
PT-2025-32531 · Winterchens · My-Site
Name of the Vulnerable Software and Affected Versions: WinterChenS my-site affected versions not specified Description: A vulnerability exists in the preHandle function of the /admin/ file within the Backend Interface component. Manipulation of the uri argument results in improper authentication...
CVE-2023-29638
Cross Site Scripting XSS vulnerability in WinterChenS my-site before commit 3f0423da6d5200c7a46e200da145c1f54ee18548, allows attackers to inject arbitrary web script or HTML via editing blog articles...
CVE-2023-29638
Cross Site Scripting XSS vulnerability in WinterChenS my-site before commit 3f0423da6d5200c7a46e200da145c1f54ee18548, allows attackers to inject arbitrary web script or HTML via editing blog articles...
CVE-2023-29638
Cross Site Scripting XSS vulnerability in WinterChenS my-site before commit 3f0423da6d5200c7a46e200da145c1f54ee18548, allows attackers to inject arbitrary web script or HTML via editing blog articles...
Cross site scripting
Cross Site Scripting XSS vulnerability in WinterChenS my-site before commit 3f0423da6d5200c7a46e200da145c1f54ee18548, allows attackers to inject arbitrary web script or HTML via editing blog articles...
CVE-2023-29638
Cross Site Scripting XSS vulnerability in WinterChenS my-site before commit 3f0423da6d5200c7a46e200da145c1f54ee18548, allows attackers to inject arbitrary web script or HTML via editing blog articles...
CVE-2023-29638
Cross Site Scripting XSS vulnerability in WinterChenS my-site before commit 3f0423da6d5200c7a46e200da145c1f54ee18548, allows attackers to inject arbitrary web script or HTML via editing blog articles...
CVE-2023-29638
The CVE-2023-29638 entry concerns a Cross Site Scripting (XSS) vulnerability in WinterChenS my-site, affecting versions before commit 3f0423da6d5200c7a46e200da145c1f54ee18548. The root cause is input handling during blog article edits, allowing an attacker to inject arbitrary script or HTML. Impa...