VYPR

PyPI package

mocodo

pkg:pypi/mocodo

Vulnerabilities (1)

  • CVE-2024-35374CriMay 24, 2024
    affected < 4.2.7fixed 4.2.7

    Mocodo Mocodo Online 4.2.6 and below does not properly sanitize the sql_case input field in /web/generate.php, allowing remote attackers to execute arbitrary commands and potentially command injection, leading to remote code execution (RCE) under certain conditions.