4 matches found
EUVD-2025-1605
Malicious code in bioql PyPI...
CVE-2025-0331
A vulnerability, which was classified as critical, has been found in YunzMall up to 2.4.2. This issue affects the function changePwd of the file /app/platform/controllers/ResetpwdController.php of the component HTTP POST Request Handler. The manipulation of the argument pwd leads to weak password...
CVE-2025-0331 YunzMall HTTP POST Request ResetpwdController.php changePwd password recovery
A vulnerability, which was classified as critical, has been found in YunzMall up to 2.4.2. This issue affects the function changePwd of the file /app/platform/controllers/ResetpwdController.php of the component HTTP POST Request Handler. The manipulation of the argument pwd leads to weak password...
CVE-2025-0331
CVE-2025-0331 affects YunzMall up to 2.4.2, in the HTTP POST handler function changePwd of /app/platform/controllers/ResetpwdController.php. The root cause is manipulation of the pwd parameter, enabling weak password recovery. The attack can be remote and exploits have been disclosed publicly; th...