27 matches found
CVE-2026-38669
wCMS v.1.4 is vulnerable to Cross Site Scripting XSS when creating a new blog...
WCMS 跨站脚本漏洞
WCMS is a content management system CMS developed by Vedegis for individual users. Version wCMS v.1.4 has a cross-site scripting vulnerability, which stems from cross-site scripting attacks when creating new blogs...
EUVD-2026-27001
wCMS v.1.4 is vulnerable to Cross Site Scripting XSS when creating a new blog...
CVE-2026-38669
wCMS v.1.4 is vulnerable to Cross Site Scripting XSS when creating a new blog...
CVE-2026-38669
wCMS v.1.4 is vulnerable to Cross Site Scripting XSS when creating a new blog...
PT-2026-36832
wCMS v.1.4 is vulnerable to Cross Site Scripting XSS when creating a new blog...
Orchard Core cross-site scripting vulnerabilities
Orchard Core is an open-source modularized and multi-tenant application framework built using Asp.Net Core by the US-based Orchard Core company. It also includes a content management system Cms built on top of this framework. The Orchard Core RC1 version contained a cross-site scripting...
EUVD-2019-7226
Malware in sbrugna...
EUVD-2005-4684
Malware in sbrugna...
EUVD-2022-4101
Malicious code in bioql PyPI...
CVE-2019-16661
Ogma CMS 0.5 has XSS via creation of a new blog...
CVE-2017-1000467
LavaLite version 5.2.4 is vulnerable to stored cross-site scripting vulnerability, within the blog creation page, which can result in disruption of service and execution of javascript code...
CVE-2024-27517
Webasyst 2.9.9 has a Cross-Site Scripting XSS vulnerability, Attackers can create blogs containing malicious code after gaining blog permissions...
Lichess: Unauthorized Blogs Creation
A vulnerability was identified on the lichess.org website that allowed unauthorized blog creation. By manipulating certain requests and leveraging the session cookies of a different account, an attacker could bypass account-specific limitations and create a blog post on an account that was not ye...
GHSA-H7VH-6GMM-G7H9 Stored XSS in LavaLite 5.2.4
LavaLite version 5.2.4 is vulnerable to stored cross-site scripting vulnerability, within the blog creation page, which can result in disruption of service and execution of javascript code...
Stored XSS in LavaLite 5.2.4
LavaLite version 5.2.4 is vulnerable to stored cross-site scripting vulnerability, within the blog creation page, which can result in disruption of service and execution of javascript code...
CVE-2019-16661
Ogma CMS 0.5 has XSS via creation of a new blog...
CVE-2019-16661
Ogma CMS 0.5 has XSS via creation of a new blog...
Cross site scripting
Ogma CMS 0.5 has XSS via creation of a new blog...
CVE-2019-16661
Ogma CMS 0.5 has XSS via creation of a new blog...