625 matches found
CVE-2025-49909
CVE-2025-49909 is a Reflected XSS vulnerability in the WordPress plugin Penci Bookmark & Follow (versions below 2.4). Exploitation is possible via input handling during web page generation, as described in multiple sources (NVD/RedHat/patchnotes). Affected product: Penci Bookmark & Follow; fixed ...
EUVD-2025-38006
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Penci Bookmark & Follow penci-bookmark-follow allows Reflected XSS.This issue affects Penci Bookmark & Follow: from n/a through 2.4...
PT-2025-45385
Name of the Vulnerable Software and Affected Versions ThinkDashboard versions prior to 0.6.8 Description ThinkDashboard is a self-hosted bookmark dashboard built with Go and vanilla JavaScript. A stored Cross-Site Scripting XSS issue exists in the dashboard for versions 0.6.7 and below due to a...
WordPress plugin Penci Bookmark & Follow 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2025-45215
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Penci Bookmark & Follow penci-bookmark-follow allows Reflected XSS.This issue affects Penci Bookmark & Follow: from n/a through 2.4...
CVE-2025-62606
my little forum is a PHP and MySQL based internet forum that displays the messages in classical threaded view. Prior to version 2.5.12, an authenticated SQL injection vulnerability in the bookmark reordering feature allows any logged-in user to execute arbitrary SQL commands. This can lead to a...
CVE-2025-62606
my little forum is a PHP and MySQL based internet forum that displays the messages in classical threaded view. Prior to version 2.5.12, an authenticated SQL injection vulnerability in the bookmark reordering feature allows any logged-in user to execute arbitrary SQL commands. This can lead to a...
EUVD-2025-35589
my little forum is a PHP and MySQL based internet forum that displays the messages in classical threaded view. Prior to version 2.5.12, an authenticated SQL injection vulnerability in the bookmark reordering feature allows any logged-in user to execute arbitrary SQL commands. This can lead to a...
CVE-2025-62606 my little forum vulnerable to SQL Injection in Bookmark Reordering via bookmarks parameter
my little forum is a PHP and MySQL based internet forum that displays the messages in classical threaded view. Prior to version 2.5.12, an authenticated SQL injection vulnerability in the bookmark reordering feature allows any logged-in user to execute arbitrary SQL commands. This can lead to a...
CVE-2025-62606 my little forum vulnerable to SQL Injection in Bookmark Reordering via bookmarks parameter
my little forum is a PHP and MySQL based internet forum that displays the messages in classical threaded view. Prior to version 2.5.12, an authenticated SQL injection vulnerability in the bookmark reordering feature allows any logged-in user to execute arbitrary SQL commands. This can lead to a...
CVE-2025-62606
CVE-2025-62606 affects My Little Forum (PHP/MySQL). Before version 2.5.12, an authenticated SQL injection vulnerability exists in the bookmark reordering feature, allowing any logged-in user to execute arbitrary SQL commands. This can lead to a full compromise of the application’s database (read,...
CVE-2025-62606 my little forum vulnerable to SQL Injection in Bookmark Reordering via bookmarks parameter
my little forum is a PHP and MySQL based internet forum that displays the messages in classical threaded view. Prior to version 2.5.12, an authenticated SQL injection vulnerability in the bookmark reordering feature allows any logged-in user to execute arbitrary SQL commands. This can lead to a...
my little forum 安全漏洞
my little forum is an open source PHP and MySQL based online forum system by My Little Forum. A security vulnerability exists in versions prior to my little forum 2.5.12, which stems from a SQL injection in the bookmark reordering function and could lead to a complete database crack...
Denial-of-Service (DoS)
typo3/cms-backend is vulnerable to Denial-of-Service DoS. The vulnerability is due to an uncaught exception in the Bookmark Toolbar, which allows administrator-level backend users to trigger a DoS condition in the backend user interface by saving manipulated data...
CVE-2025-57740
An Heap-based Buffer Overflow vulnerability CWE-122 in FortiOS version 7.6.2 and below, version 7.4.7 and below, version 7.2.10 and below, 7.0 all versions, 6.4 all versions; FortiPAM version 1.5.0, version 1.4.2 and below, 1.3 all versions, 1.2 all versions, 1.1 all versions, 1.0 all versions an...
CVE-2025-57740
CVE-2025-57740 describes a heap-based buffer overflow (CWE-122) in FortiOS (multiple branches) and FortiPAM/FortiProxy, where an authenticated user may cause code execution via crafted RDP bookmark requests. Affected: FortiOS 7.6.2 and below, 7.4.7 and below, 7.2.10 and below, 7.0 all versions, 6...
WordPress Penci Bookmark & Follow plugin < 2.4 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Penci Bookmark & Follow versions 2.4...
EUVD-2009-2280
Malware in sbrugna...
EUVD-2017-4187
Malware in sbrugna...
EUVD-2016-5702
Malware in sbrugna...