CVE-2025-56313

A Reflected Cross-Site Scripting XSS vulnerability was discovered in the /publix/run endpoint of JATOS 3.7.1 through 3.9.6 inclusive. This allows remote attackers to execute arbitrary JavaScript in a user's web browser by including a malicious payload in the "code" URL parameter. When an...

PT-2025-44439

Name of the Vulnerable Software and Affected Versions JATOS versions 3.7.1 through 3.9.6 Description A Reflected Cross-Site Scripting XSS issue exists in JATOS. This allows remote attackers to execute arbitrary JavaScript in a user's web browser by including a malicious payload in the code URL...

CVE-2025-56313

A Reflected Cross-Site Scripting XSS vulnerability was discovered in the /publix/run endpoint of JATOS 3.7.1 through 3.9.6 inclusive. This allows remote attackers to execute arbitrary JavaScript in a user's web browser by including a malicious payload in the "code" URL parameter. When an...

EUVD-2025-35324

The Simple Banner – Easily add multiple Banners/Bars/Notifications/Announcements to the top or bottom of your website plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'proversionactivationcode' parameter in all versions up to, and including, 3.0.10 due to insufficient inp...

EUVD-2015-7301

Malware in sbrugna...

EUVD-2022-1204

Malicious code in bioql PyPI...

EUVD-2022-15724

Malicious code in bioql PyPI...

EUVD-2022-4371

Malicious code in bioql PyPI...

EUVD-2022-0978

Malicious code in bioql PyPI...

EUVD-2025-30400

Malicious code in bioql PyPI...

EUVD-2025-6531

Malicious code in bioql PyPI...

EUVD-2025-26332

Malicious code in bioql PyPI...

EUVD-2025-27291

Malicious code in bioql PyPI...

CVE-2025-10783

A weakness has been identified in Campcodes Online Learning Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/addsubject.php. Executing manipulation of the argument subjectcode can lead to sql injection. The attack may be performed from remote. T...

CVE-2025-10784

A security vulnerability has been detected in Campcodes Online Learning Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/editsubject.php. The manipulation of the argument subjectcode leads to sql injection. It is possible to initiate the attack...

CVE-2025-10783

A weakness has been identified in Campcodes Online Learning Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/addsubject.php. Executing manipulation of the argument subjectcode can lead to sql injection. The attack may be performed from remote. T...

CVE-2025-10783

CVE-2025-10783 affects Campcodes Online Learning Management System v1.0; vulnerability in /admin/add_subject.php where manipulating the subject_code parameter can cause SQL injection. Exploitation is remote and public exploits exist. No official patch details in provided docs; consider temporary ...

PT-2025-38687

Name of the Vulnerable Software and Affected Versions: Campcodes Online Learning Management System version 1.0 Description: A security issue exists in Campcodes Online Learning Management System. The manipulation of the subject code argument in the /admin/edit subject.php file leads to SQL...

CampCodes Online Learning Management System 安全漏洞

CampCodes Online Learning Management System is an online learning management system from CampCodes Philippines, Inc. A security vulnerability exists in Campcodes Online Learning Management System version 1.0, which stems from the incorrect manipulation of the parameter subjectcode in the file...

MaxKB 代码问题漏洞

MaxKB is 1Panel-dev open source an open source knowledge base question and answer system based on large language model and RAG. A code issue vulnerability exists in MaxKB version 2.0.2 and earlier and version 2.1.0, which stems from the incorrect manipulation of the parameter code in the file...