24 matches found
CVE-2022-26268
Xiaohuanxiong v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /app/controller/Books.php...
EUVD-2021-30644
Malicious code in bioql PyPI...
EUVD-2022-30829
Malicious code in bioql PyPI...
EUVD-2021-30645
Malicious code in bioql PyPI...
xiaohuanxiong SQL injection vulnerability
xiaohuanxiong is an open source comic CMS by guoguo individual developers. xiaohuanxiong version 1.0 is vulnerable to SQL injection, which originates from the id parameter in /app/controller/Books.php. No detailed vulnerability details are available...
CVE-2022-26268
Xiaohuanxiong v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /app/controller/Books.php...
CVE-2022-26268
Xiaohuanxiong v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /app/controller/Books.php...
CVE-2022-26268
Xiaohuanxiong v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /app/controller/Books.php...
Sql injection
Xiaohuanxiong v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /app/controller/Books.php...
CVE-2022-26268
Xiaohuanxiong v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /app/controller/Books.php...
CVE-2022-26268
The connected documents confirm CVE-2022-26268 affects Xiaohuanxiong v1.0 and exposes a SQL injection vulnerability via the id parameter in /app/controller/Books.php. The vulnerability is described consistently across sources (e.g., NVD, CNVD, Red Hat, CVE lists). No specific exploit code, affect...
xiaohuanxiong CMS SQL注入漏洞
xiaohuanxiong is an open source comic CMS by guoguo individual developers. xiaohuanxiong version 1.0 is vulnerable to SQL injection, which originates from the id parameter in /app/controller/Books.php. No detailed vulnerability details are available...
xiaohuanxiong CMS cross-site request forgery vulnerability
xiaohuanxiong CMS is a comic book CMS. xiaohuanxiong CMS version 5.0.17 is vulnerable to cross-site request forgery, which stems from a WEB application that does not sufficiently validate that the request is from a trusted user. An attacker could use this vulnerability to modify the password of t...
CVE-2021-43737
An issus was discovered in xiaohuanxiong CMS 5.0.17. There is a CSRF vulnerability that can modify administrator account's password...
CVE-2021-43737
An issus was discovered in xiaohuanxiong CMS 5.0.17. There is a CSRF vulnerability that can modify administrator account's password...
Cross site request forgery (csrf)
An issus was discovered in xiaohuanxiong CMS 5.0.17. There is a CSRF vulnerability that can modify administrator account's password...
CVE-2021-43738
An issue was discovered in xiaohuanxiong CMS 5.0.17. There is a CSRF vulnerability that can that can add the administrator account...
CVE-2021-43738
An issue was discovered in xiaohuanxiong CMS 5.0.17. There is a CSRF vulnerability that can that can add the administrator account...
CVE-2021-43737
An issus was discovered in xiaohuanxiong CMS 5.0.17. There is a CSRF vulnerability that can modify administrator account's password...
CVE-2021-43737
CVE-2021-43737 affects xiaohuanxiong CMS 5.0.17. The issue is a cross-site request forgery (CSRF) in the WEB application that allows an attacker to modify the password of the administrator account. Root cause described in sources is insufficient validation that requests originate from a trusted u...