41 matches found
CVE-2025-1083
A vulnerability classified as problematic was found in Mindskip xzs-mysql 学之思开源考试系统 3.9.0. Affected by this vulnerability is an unknown functionality of the component CORS Handler. The manipulation leads to permissive cross-domain policy with untrusted domains. The attack can be launched remotely...
EUVD-2019-6679
Malware in sbrugna...
EUVD-2025-1995
Malicious code in bioql PyPI...
EUVD-2025-1996
Malicious code in bioql PyPI...
EUVD-2025-1994
Malicious code in bioql PyPI...
CVE-2024-29401
xzs-mysql 3.8 is vulnerable to Insufficient Session Expiration, which allows attackers to use the session of a deleted admin to do anything...
CVE-2022-41431
xzs v3.8.0 was discovered to contain a cross-site scripting XSS vulnerability in the component /admin/question/edit. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title text field...
CVE-2019-15744
The Sony Xperia Xperia XZs Android device with a build fingerprint of Sony/keyakisoftbank/keyakisoftbank:7.1.1/TONE3-3.0.0-SOFTBANK-170517-0323/1:user/dev-keys contains a pre-installed app with a package name of jp.softbank.mb.tdrl app versionCode=1413005, versionName=1.3.0 that allows unauthoriz...
CVE-2025-1084
A vulnerability, which was classified as problematic, has been found in Mindskip xzs-mysql 学之思开源考试系统 3.9.0. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public...
CVE-2025-1084
A vulnerability, which was classified as problematic, has been found in Mindskip xzs-mysql 学之思开源考试系统 3.9.0. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public...
Mindskip xzs-mysql 安全漏洞
Mindskip xzs-mysql is a java + vue front-end and back-end separated exam system from Wuhan Mindskip Technology Mindskip company in China. The main advantages are simple and fast development and deployment, friendly interface design and clear code structure. Support web end and wechat small progra...
CVE-2025-1084 Mindskip xzs-mysql 学之思开源考试系统 cross-site request forgery
A vulnerability, which was classified as problematic, has been found in Mindskip xzs-mysql 学之思开源考试系统 3.9.0. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public...
CVE-2025-1084 Mindskip xzs-mysql 学之思开源考试系统 cross-site request forgery
A vulnerability, which was classified as problematic, has been found in Mindskip xzs-mysql 学之思开源考试系统 3.9.0. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public...
CVE-2025-1084
The CVE-2025-1084 entry concerns Mindskip xzs-mysql 学之思开源考试系统 3.9.0 with a cross-site request forgery (CSRF) vulnerability. Affected component/functionality is not specified beyond “some unknown functionality,” but the issue is exploitable remotely and affects multiple endpoints. The exploit has ...
CVE-2025-1083
A vulnerability classified as problematic was found in Mindskip xzs-mysql 学之思开源考试系统 3.9.0. Affected by this vulnerability is an unknown functionality of the component CORS Handler. The manipulation leads to permissive cross-domain policy with untrusted domains. The attack can be launched remotely...
CVE-2025-1083
A vulnerability classified as problematic was found in Mindskip xzs-mysql 学之思开源考试系统 3.9.0. Affected by this vulnerability is an unknown functionality of the component CORS Handler. The manipulation leads to permissive cross-domain policy with untrusted domains. The attack can be launched remotely...
CVE-2025-1082
A vulnerability classified as problematic has been found in Mindskip xzs-mysql 学之思开源考试系统 3.9.0. Affected is an unknown function of the file /api/admin/question/edit of the component Exam Edit Handler. The manipulation of the argument title/content leads to cross site scripting. It is possible to...
CVE-2025-1083
Mindskip xzs-mysql 学之思开源考试系统 3.9.0 is affected via the CORS Handler, causing a permissive cross-domain policy with untrusted domains. Impacted component allows remote access with high attack complexity and exploitation described as difficult, with public disclosure. Several connected sources corr...
CVE-2025-1083 Mindskip xzs-mysql 学之思开源考试系统 CORS cross-domain policy
A vulnerability classified as problematic was found in Mindskip xzs-mysql 学之思开源考试系统 3.9.0. Affected by this vulnerability is an unknown functionality of the component CORS Handler. The manipulation leads to permissive cross-domain policy with untrusted domains. The attack can be launched remotely...
CVE-2025-1083 Mindskip xzs-mysql 学之思开源考试系统 CORS cross-domain policy
A vulnerability classified as problematic was found in Mindskip xzs-mysql 学之思开源考试系统 3.9.0. Affected by this vulnerability is an unknown functionality of the component CORS Handler. The manipulation leads to permissive cross-domain policy with untrusted domains. The attack can be launched remotely...