EUVD-2023-30878

Malicious code in bioql PyPI...

EUVD-2023-23731

Malicious code in bioql PyPI...

EUVD-2025-16056

Malicious code in bioql PyPI...

EUVD-2023-23654

Malicious code in bioql PyPI...

EUVD-2023-23848

Malicious code in bioql PyPI...

CVE-2023-1616

A vulnerability was found in XiaoBingBy TeaCMS up to 2.0.2. It has been classified as problematic. Affected is an unknown function of the component Article Title Handler. The manipulation with the input leads to cross site scripting. It is possible to launch the attack remotely. The exploit has...

CVE-2023-1483

A vulnerability has been found in XiaoBingBy TeaCMS up to 2.0.2 and classified as critical. This vulnerability affects unknown code of the file /admin/getallarticleinfo. The manipulation of the argument searchInfo leads to sql injection. The attack can be initiated remotely. VDB-223366 is the...

CVE-2023-27091

An unauthorized access issue found in XiaoBingby TeaCMS 2.3.3 allows attackers to escalate privileges via the id and keywords parameters...

CVE-2025-5033 XiaoBingby TeaCMS addUser cross-site request forgery

A vulnerability classified as problematic was found in XiaoBingby TeaCMS 2.0.2. Affected by this vulnerability is an unknown functionality of the file src/main/java/me/teacms/controller/admin/UserManageController/addUser. The manipulation leads to cross-site request forgery. The attack can be...

CVE-2025-5033

CVE-2025-5033 affects XiaoBingby TeaCMS 2.0.2. The vulnerability is in an unknown functionality of src/main/java/me/teacms/controller/admin/UserManageController/addUser, leading to cross-site request forgery (CSRF). It can be triggered remotely and an exploit has been disclosed publicly. Multiple...

PT-2025-22413 · Unknown · Xiaobingby Teacms

Name of the Vulnerable Software and Affected Versions: XiaoBingby TeaCMS version 2.0.2 Description: A problematic issue was found in an unknown functionality of the file src/main/java/me/teacms/controller/admin/UserManageController/addUser, leading to cross-site request forgery. The attack can be...

TeaCMS 跨站脚本漏洞

TeaCMS is a blogging system by the individual developer XiaoBingBy. A security vulnerability exists in TeaCMS, which stems from a stored cross-site scripting vulnerability that can be exploited by an attacker to disclose sensitive information...

CVE-2023-27091

An unauthorized access issue found in XiaoBingby TeaCMS 2.3.3 allows attackers to escalate privileges via the id and keywords parameters...

Design/Logic Flaw

An unauthorized access issue found in XiaoBingby TeaCMS 2.3.3 allows attackers to escalate privileges via the id and keywords parameters...

CVE-2023-27091

An unauthorized access issue found in XiaoBingby TeaCMS 2.3.3 allows attackers to escalate privileges via the id and keywords parameters...

CVE-2023-27091

An unauthorized access issue found in XiaoBingby TeaCMS 2.3.3 allows attackers to escalate privileges via the id and keywords parameters...

XiaoBingby TeaCMS 授权问题漏洞

XiaoBingBy TeaCMS is a blog system by xiaobingby personal developer. A security vulnerability exists in XiaoBingby TeaCMS 2.3.3, which stems from an unauthorized access issue in the system that can be exploited by an attacker to elevate privileges via the id and keywords parameters...

CVE-2023-27091

CVE-2023-27091 affects XiaoBingby TeaCMS (version 2.3.3). The connected records describe an unauthorized access issue that allows attackers to escalate privileges via the id and keywords parameters. The vulnerability is evidenced across multiple sources (NVD, Red Hat, PRion, CNNVD, PT-SEC) with t...

PT-2023-20948 · Unknown · Xiaobingby Teacms

Name of the Vulnerable Software and Affected Versions: XiaoBingby TeaCMS version 2.3.3 Description: An unauthorized access issue allows attackers to escalate privileges via the id and keywords parameters. Recommendations: For XiaoBingby TeaCMS version 2.3.3, consider restricting access to the id...

CVE-2023-1616

A vulnerability was found in XiaoBingBy TeaCMS up to 2.0.2. It has been classified as problematic. Affected is an unknown function of the component Article Title Handler. The manipulation with the input alertdocument.cookie leads to cross site scripting. It is possible to launch the attack...