19 matches found
EUVD-2002-1372
Malware in sbrugna...
EUVD-2025-31385
Malicious code in bioql PyPI...
CVE-2025-57692
PiranhaCMS 12.0 allows stored XSS in the Text content block of Standard and Standard Archive Pages via /manager/pages, enabling execution of arbitrary JavaScript in another user s browser...
GHSA-456V-F425-8MCV PiranhaCMS stored XSS
PiranhaCMS 12.0 allows stored XSS in the Text content block of Standard and Standard Archive Pages via /manager/pages, enabling execution of arbitrary JavaScript in another user s browser...
PiranhaCMS stored XSS
PiranhaCMS 12.0 allows stored XSS in the Text content block of Standard and Standard Archive Pages via /manager/pages, enabling execution of arbitrary JavaScript in another user s browser...
CVE-2025-57692
PiranhaCMS 12.0 allows stored XSS in the Text content block of Standard and Standard Archive Pages via /manager/pages, enabling execution of arbitrary JavaScript in another user s browser...
CVE-2025-57692
PiranhaCMS 12.0 allows stored XSS in the Text content block of Standard and Standard Archive Pages via /manager/pages, enabling execution of arbitrary JavaScript in another user s browser...
CVE-2025-57692
PiranhaCMS 12.0 allows stored XSS in the Text content block of Standard and Standard Archive Pages via /manager/pages, enabling execution of arbitrary JavaScript in another user s browser...
CVE-2025-57692
Affected software: PiranhaCMS 12.0 (self-hosted CMS). Vulnerability: Stored Cross-Site Scripting in the Text content block of Standard and Standard Archive Pages, exploitable via /manager/pages. Root cause (as per sources): Insufficient input filtering allowing stored XSS. Impact: Allows executio...
PT-2025-39678
Name of the Vulnerable Software and Affected Versions PiranhaCMS version 12.0 Description The software contains a stored cross-site scripting XSS issue in the Text content block of Standard and Standard Archive Pages. This allows for the execution of arbitrary JavaScript in another user's browser...
CVE-2025-57692
PiranhaCMS 12.0 allows stored XSS in the Text content block of Standard and Standard Archive Pages via /manager/pages, enabling execution of arbitrary JavaScript in another user s browser...
Linux Distros Unpatched Vulnerability : CVE-2025-4390
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The WP Private Content Plus plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.6.2 via the...
CVE-2025-4390
The WP Private Content Plus plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.6.2 via the 'validaterestrictions' function. This makes it possible for unauthenticated attackers to extract sensitive data including the content of resticted...
UBUNTU-CVE-2025-4390
The WP Private Content Plus plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.6.2 via the 'validaterestrictions' function. This makes it possible for unauthenticated attackers to extract sensitive data including the content of resticted...
CVE-2025-4390 WP Private Content Plus <= 3.6.2 - Unauthenticated Sensitive Information Exposure
The WP Private Content Plus plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.6.2 via the 'validaterestrictions' function. This makes it possible for unauthenticated attackers to extract sensitive data including the content of resticted...
CVE-2014-4717
Multiple cross-site request forgery CSRF vulnerabilities in the Simple Share Buttons Adder plugin before 4.5 for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting XSS attacks via the 1 ssbasharetext parameter in a save...
CVE-2014-4717
Multiple cross-site request forgery CSRF vulnerabilities in the Simple Share Buttons Adder plugin before 4.5 for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting XSS attacks via the 1 ssbasharetext parameter in a save...
CVE-2002-1388
Cross-site scripting XSS vulnerability in MHonArc before 2.5.14 allows remote attackers to inject arbitrary HTML into web archive pages via HTML mail messages...
CVE-2002-1388
Cross-site scripting XSS vulnerability in MHonArc before 2.5.14 allows remote attackers to inject arbitrary HTML into web archive pages via HTML mail messages...