21 matches found
CVE-2025-70846
lty628 aidigu v1.9.1 is vulnerable to Cross Site Scripting XSS on the /tools/Password/add page in the input field password...
aidigu 安全漏洞
Aidigu is an open-source Weibo project developed by SR. Li lty628 as a personal project. The aidigu v1.9.1 version contains a security vulnerability. This vulnerability stems from the lack of validation on the password input field in the /tools/Password/add page, which may lead to cross-site...
CVE-2025-70846
lty628 aidigu v1.9.1 is vulnerable to Cross Site Scripting XSS on the /tools/Password/add page in the input field password...
CVE-2025-70846
lty628 aidigu v1.9.1 is vulnerable to Cross Site Scripting XSS on the /tools/Password/add page in the input field password...
CVE-2025-70846
lty628 aidigu v1.9.1 is vulnerable to Cross Site Scripting XSS on the /tools/Password/add page in the input field password...
CVE-2025-70846
Summary: CVE-2025-70846 affects lty628 aidigu v1.9.1 and is a Cross Site Scripting (XSS) vulnerability on the /tools/Password/add page, within the password input field. Details from sources: The vulnerability is described across multiple feeds as XSS in the password field on /tools/Password/add. ...
CVE-2025-70845
lty628 aidigu v1.9.1 is vulnerable to Cross Site Scripting XSS exists in the /setting/ page where the "intro" field is not properly sanitized or escaped...
CVE-2025-70845
lty628 aidigu v1.9.1 is vulnerable to Cross Site Scripting XSS exists in the /setting/ page where the "intro" field is not properly sanitized or escaped...
CVE-2025-70845
lty628 aidigu v1.9.1 is vulnerable to Cross Site Scripting XSS exists in the /setting/ page where the "intro" field is not properly sanitized or escaped...
CVE-2025-70845
lty628 aidigu v1.9.1 is vulnerable to Cross Site Scripting XSS exists in the /setting/ page where the "intro" field is not properly sanitized or escaped...
aidigu 安全漏洞
Aidigu is an open-source Weibo project developed by SR. Li lty628 as a personal project. Version 1.9.1 of Aidigu contains a security vulnerability. This vulnerability stems from insufficient cleaning and escaping of the intro field in the /setting/ page, which may lead to cross-site scripting...
CVE-2025-70845
lty628 aidigu v1.9.1 is vulnerable to Cross Site Scripting XSS exists in the /setting/ page where the "intro" field is not properly sanitized or escaped...
CVE-2025-70845
CVE-2025-70845 affects lty628 aidigu v1.9.1. The vulnerability is a Cross Site Scripting (XSS) flaw on the /setting/ page, where the "intro" field is not properly sanitized or escaped. The available sources confirm the flaw but do not provide details on exploit scenarios, affected versions beyond...
PT-2026-7907
lty628 aidigu v1.9.1 is vulnerable to Cross Site Scripting XSS exists in the /setting/ page where the "intro" field is not properly sanitized or escaped...
EUVD-2025-20786
Malicious code in bioql PyPI...
CVE-2025-7216
A vulnerability, which was classified as critical, was found in lty628 Aidigu up to 1.8.2. This affects the function checkUserCookie of the file /application/common.php of the component PHP Object Handler. The manipulation of the argument rememberMe leads to deserialization. It is possible to...
CVE-2025-7216 lty628 Aidigu PHP Object common.php checkUserCookie deserialization
A vulnerability, which was classified as critical, was found in lty628 Aidigu up to 1.8.2. This affects the function checkUserCookie of the file /application/common.php of the component PHP Object Handler. The manipulation of the argument rememberMe leads to deserialization. It is possible to...
CVE-2025-7216 lty628 Aidigu PHP Object common.php checkUserCookie deserialization
A vulnerability, which was classified as critical, was found in lty628 Aidigu up to 1.8.2. This affects the function checkUserCookie of the file /application/common.php of the component PHP Object Handler. The manipulation of the argument rememberMe leads to deserialization. It is possible to...
CVE-2025-7216
CVE-2025-7216 affects lty628 Aidigu versions up to 1.8.2. The vulnerability resides in the PHP Object Handler's file /application/common.php, specifically the function checkUserCookie, where manipulating the rememberMe argument leads to deserialization. This allows remote exploitation and, per so...
PT-2025-28842 · Unknown · Lty628 Aidigu
Name of the Vulnerable Software and Affected Versions: lty628 Aidigu versions up to 1.8.2 Description: A critical vulnerability exists in lty628 Aidigu. The issue affects the checkUserCookie function within the PHP Object Handler component, located in the /application/common.php file. Manipulatio...