28 matches found
CVE-2026-38669
wCMS v.1.4 is vulnerable to Cross Site Scripting XSS when creating a new blog...
CVE-2026-38669
wCMS v.1.4 is vulnerable to Cross Site Scripting XSS when creating a new blog...
EUVD-2026-27001
wCMS v.1.4 is vulnerable to Cross Site Scripting XSS when creating a new blog...
CVE-2026-38669
wCMS v.1.4 is vulnerable to Cross Site Scripting XSS when creating a new blog...
CVE-2026-38669
wCMS v.1.4 is vulnerable to Cross Site Scripting XSS when creating a new blog...
PT-2026-36832
wCMS v.1.4 is vulnerable to Cross Site Scripting XSS when creating a new blog...
WCMS 跨站脚本漏洞
WCMS is a content management system CMS developed by Vedegis for individual users. Version wCMS v.1.4 has a cross-site scripting vulnerability, which stems from cross-site scripting attacks when creating new blogs...
Orchard Core cross-site scripting vulnerabilities
Orchard Core is an open-source modularized and multi-tenant application framework built using Asp.Net Core by the US-based Orchard Core company. It also includes a content management system Cms built on top of this framework. The Orchard Core RC1 version contained a cross-site scripting...
EUVD-2005-4684
Malware in sbrugna...
EUVD-2019-7226
Malware in sbrugna...
EUVD-2022-4101
Malicious code in bioql PyPI...
CVE-2019-16661
Ogma CMS 0.5 has XSS via creation of a new blog...
CVE-2017-1000467
LavaLite version 5.2.4 is vulnerable to stored cross-site scripting vulnerability, within the blog creation page, which can result in disruption of service and execution of javascript code...
CVE-2024-27517
Webasyst 2.9.9 has a Cross-Site Scripting XSS vulnerability, Attackers can create blogs containing malicious code after gaining blog permissions...
Lichess: Unauthorized Blogs Creation
A vulnerability was identified on the lichess.org website that allowed unauthorized blog creation. By manipulating certain requests and leveraging the session cookies of a different account, an attacker could bypass account-specific limitations and create a blog post on an account that was not ye...
Stored XSS in LavaLite 5.2.4
LavaLite version 5.2.4 is vulnerable to stored cross-site scripting vulnerability, within the blog creation page, which can result in disruption of service and execution of javascript code...
GHSA-H7VH-6GMM-G7H9 Stored XSS in LavaLite 5.2.4
LavaLite version 5.2.4 is vulnerable to stored cross-site scripting vulnerability, within the blog creation page, which can result in disruption of service and execution of javascript code...
CVE-2019-16661
Ogma CMS 0.5 has XSS via creation of a new blog...
CVE-2019-16661
Ogma CMS 0.5 has XSS via creation of a new blog...
Cross site scripting
Ogma CMS 0.5 has XSS via creation of a new blog...