200 matches found
EUVD-2025-28108
Malicious code in bioql PyPI...
EUVD-2023-0662
Malicious code in bioql PyPI...
EUVD-2023-53160
Malicious code in bioql PyPI...
EUVD-2025-28107
Malicious code in bioql PyPI...
EUVD-2025-30580
Malicious code in bioql PyPI...
EUVD-2025-28507
Malicious code in bioql PyPI...
CVE-2025-58232
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ickata Image Editor by Pixo image-editor-by-pixo allows DOM-Based XSS.This issue affects Image Editor by Pixo: from n/a through = 2.3.8...
WordPress Image Editor by Pixo Plugin <= 2.3.8 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin Image Editor by Pixo versions = 2.3.8...
CVE-2025-58232
CVE-2025-58232 affects Image Editor by Pixo (WordPress plugin). The entry documents a DOM/Stored XSS vector in the Editor component, arising from Improper Neutralization of Input During Web Page Generation. Affected version:
CVE-2025-58232 WordPress Image Editor by Pixo Plugin <= 2.3.8 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ickata Image Editor by Pixo image-editor-by-pixo allows DOM-Based XSS.This issue affects Image Editor by Pixo: from n/a through = 2.3.8...
CVE-2025-58814
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ram Ratan Maurya Stagtools stagtools allows Stored XSS.This issue affects Stagtools: from n/a through = 2.3.8...
Linux Distros Unpatched Vulnerability : CVE-2015-3154
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CRLF injection vulnerability in Zend\Mail ZendMail in Zend Framework before 1.12.12, 2.x before 2.3.8, and 2.4.x before 2.4.1 allows remote attackers to inject...
CVE-2025-55579
SolidInvoice version 2.3.7 is vulnerable to a Stored Cross-Site Scripting XSS issue in the Tax Rates functionality. The vulnerability is fixed in version 2.3.8...
CVE-2025-55580
SolidInvoice version 2.3.7 is vulnerable to a stored cross-site scripting XSS issue in the Clients module. An authenticated attacker can inject JavaScript that executes in other users' browsers when the Clients page is viewed. The vulnerability is fixed in version 2.3.8...
CVE-2025-55580
SolidInvoice version 2.3.7 is vulnerable to a stored cross-site scripting XSS issue in the Clients module. An authenticated attacker can inject JavaScript that executes in other users' browsers when the Clients page is viewed. The vulnerability is fixed in version 2.3.8...
CVE-2025-55579
SolidInvoice version 2.3.7 is vulnerable to a Stored Cross-Site Scripting XSS issue in the Tax Rates functionality. The vulnerability is fixed in version 2.3.8...
PT-2025-35248
Name of the Vulnerable Software and Affected Versions: SolidInvoice versions prior to 2.3.8 Description: SolidInvoice is susceptible to a Cross Site Scripting XSS issue within the Tax Rate functionality. Recommendations: Update to version 2.3.8 or later...
CVE-2025-55580
CVE-2025-55580 affects SolidInvoice 2.3.7 with a stored XSS in the Clients module. An authenticated user can store JavaScript that executes in other users’ browsers when viewing the Clients page. A PoC exists in the linked GitHub exploit, which documents the vulnerable version (2.3.7) and the fix...
PT-2025-35249
Name of the Vulnerable Software and Affected Versions: SolidInvoice versions 2.3.7 through 2.3.8 Description: SolidInvoice is susceptible to a Cross-Site Scripting XSS issue within its client-side functionality. Recommendations: SolidInvoice version 2.3.7 should be updated. SolidInvoice version...
CVE-2025-55580
SolidInvoice version 2.3.7 is vulnerable to a stored cross-site scripting XSS issue in the Clients module. An authenticated attacker can inject JavaScript that executes in other users' browsers when the Clients page is viewed. The vulnerability is fixed in version 2.3.8...