CVE-2025-69011

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPKube Cool Tag Cloud cool-tag-cloud allows Stored XSS.This issue affects Cool Tag Cloud: from n/a through = 2.29...

CVE-2025-69011 WordPress Cool Tag Cloud plugin <= 2.29 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPKube Cool Tag Cloud cool-tag-cloud allows Stored XSS.This issue affects Cool Tag Cloud: from n/a through = 2.29...

PT-2026-21120

Name of the Vulnerable Software and Affected Versions WPKube Cool Tag Cloud versions through 2.29 Description The software contains a flaw related to improper input handling during web page creation, specifically a Stored Cross-site Scripting issue. This allows for the injection of malicious...

WordPress Relevanssi Premium plugin < 2.29.0 - Contributor+ SQLi vulnerability

Contributor+ SQLi vulnerability discovered by Drew Webber mcdruid in WordPress Plugin Relevanssi Premium versions 2.29.0...

WordPress Cool Tag Cloud plugin <= 2.29 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Cool Tag Cloud versions = 2.29...

Linux Distros Unpatched Vulnerability : CVE-2024-58281

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Dotclear 2.29 contains a remote code execution vulnerability that allows authenticated attackers to upload malicious PHP files through the media upload...

CVE-2024-58281 Dotclear 2.29 Remote Code Execution via Authenticated File Upload

Dotclear 2.29 contains a remote code execution vulnerability that allows authenticated attackers to upload malicious PHP files through the media upload functionality. Attackers can exploit the file upload process by crafting a PHP shell with a command execution form to gain system access through...

CVE-2025-13614

CVE-2025-13614 corresponds to a Stored Cross‑Site Scripting (XSS) vulnerability in the WordPress plugin Cool Tag Cloud. Public details confirm: all versions up to and including 2.29 are affected due to insufficient input sanitization and output escaping on user-supplied attributes in the cool_tag...

CVE-2025-13614 Cool Tag Cloud <= 2.29 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Cool Tag Cloud plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'cooltagcloud' shortcode in all versions up to, and including, 2.29 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...

HP Integrated Lights-Out Denial of Service (CVE-2015-5436)

A potential security vulnerability has been identified with HP Integrated Lights-Out 4 iLO 4 firmware version 2.11 and later, but prior to version 2.30. The vulnerability could be exploited remotely resulting in Denial of Service DoS. Note this was originally published in 2015 however the CVE ent...

CVE-2025-34304

IPFire versions prior to 2.29 Core Update 198 contain a SQL injection vulnerability that allows an authenticated attacker to manipulate the SQL query used when viewing OpenVPN connection logs via the CONNECTIONNAME parameter. When viewing a range of OpenVPN connection logs, the application issues...

CVE-2025-34301

IPFire R2 (before 2.29 Core Update 198) is vulnerable to stored XSS via the COUNTRY_CODE parameter when creating a location group. An authenticated attacker can supply malicious JavaScript in COUNTRY_CODE, which is stored and later rendered in the web interface without proper sanitization/encodin...

CVE-2025-34313

IPFire

CVE-2025-34313 IPFire < v2.29 Stored XSS via User Quota Rule URL Filter

IPFire versions prior to 2.29 Core Update 198 contain a stored cross-site scripting XSS vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the QUOTAUSERS parameter when creating a user quota rule. When a user adds a new user quota rule the application...

PT-2025-44166

Name of the Vulnerable Software and Affected Versions IPFire versions prior to 2.29 Core Update 198 Description IPFire versions prior to 2.29 Core Update 198 are susceptible to a stored cross-site scripting XSS issue. An authenticated attacker can inject arbitrary JavaScript code through the...

PT-2025-44174

Name of the Vulnerable Software and Affected Versions IPFire versions prior to 2.29 Core Update 198 Description IPFire versions prior to 2.29 Core Update 198 are susceptible to a stored cross-site scripting XSS issue. An authenticated attacker can inject arbitrary JavaScript code through the...

PT-2025-44164

Name of the Vulnerable Software and Affected Versions IPFire versions prior to 2.29 Core Update 198 Description IPFire installations are affected by multiple stored cross-site scripting XSS issues. These occur because the cleanhtml function located at /var/ipfire/header.pl does not correctly appl...

EUVD-2017-4025

Malware in sbrugna...

EUVD-2015-5392

Malware in sbrugna...

EUVD-2017-4029

Malware in sbrugna...