83 matches found
OpenSTAManager 代码问题漏洞
OpenSTAManager is an open-source management software developed by Devcode, used for technical assistance and billing purposes. Versions of OpenSTAManager prior to 2.10.2 contained code vulnerabilities. These vulnerabilities stemmed from the oauth2.php file being an unvalidated endpoint. Attackers...
CVE-2025-1847
A vulnerability was found in zj1983 zz up to 2024-8. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was...
CVE-2025-1848
A vulnerability classified as critical has been found in zj1983 zz up to 2024-8. Affected is an unknown function of the file /importdatacheck. The manipulation of the argument url leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to...
CVE-2025-1820
A vulnerability has been found in zj1983 zz up to 2024-8 and classified as critical. Affected by this vulnerability is the function getOaWid of the file src/main/java/com/futvan/z/system/zworkflow/ZworkflowAction.java. The manipulation of the argument tableId leads to sql injection. The attack ca...
EUVD-2020-11853
Malware in sbrugna...
EUVD-2020-11855
Malware in sbrugna...
EUVD-2007-5592
Malware in sbrugna...
EUVD-2020-11856
Malware in sbrugna...
EUVD-2020-11857
Malware in sbrugna...
EUVD-2025-5849
Malicious code in bioql PyPI...
CVE-2020-19961
A SQL injection vulnerability has been discovered in zz cms version 2019 which allows attackers to retrieve sensitive data via the component subzs.php...
CVE-2020-19959
A SQL injection vulnerability has been discovered in zz cms version 2019 which allows attackers to retrieve sensitive data via the dlid parameter in the /dl/dlsendmail.php page cookie...
CVE-2020-19960
A SQL injection vulnerability has been discovered in zz cms version 2019 which allows attackers to retrieve sensitive data via the dlid parameter in the /dl/dlsendsms.php page cookie...
CVE-2020-19957
A SQL injection vulnerability has been discovered in zz cms version 2019 which allows attackers to retrieve sensitive data via the id parameter on the /dl/dlprint.php page...
Malicious code in zz-aipage-widget (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5f712f52c5a683ddfe543f58cb84fdf0f1e39545dcda7c102d4904065d87b775 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in zz-react-custom-widget (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0c52c19012a2e7ff5c32331c8fb8bdf0ec9811d36c029f8d2ff30de7c98fdf6f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-2200 Malicious code in zz-react-custom-widget (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0c52c19012a2e7ff5c32331c8fb8bdf0ec9811d36c029f8d2ff30de7c98fdf6f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-2199 Malicious code in zz-aipage-widget (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5f712f52c5a683ddfe543f58cb84fdf0f1e39545dcda7c102d4904065d87b775 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2025-1849
A vulnerability classified as critical was found in zj1983 zz up to 2024-8. Affected by this vulnerability is an unknown functionality of the file /importdatatodb. The manipulation of the argument url leads to server-side request forgery. The attack can be launched remotely. The exploit has been...
CVE-2025-1849
A vulnerability classified as critical was found in zj1983 zz up to 2024-8. Affected by this vulnerability is an unknown functionality of the file /importdatatodb. The manipulation of the argument url leads to server-side request forgery. The attack can be launched remotely. The exploit has been...