EUVD-2025-24942

Malicious code in bioql PyPI...

CVE-2025-51965

OURPHP thru 8.6.1 is vulnerable to Cross-Site Scripting XSS via the "Name" field of the "Complete Profile" functionality under the "My User Center" page, which can be accessed after registering through the front-end interface...

CVE-2025-51965

OURPHP thru 8.6.1 is vulnerable to Cross-Site Scripting XSS via the "Name" field of the "Complete Profile" functionality under the "My User Center" page, which can be accessed after registering through the front-end interface...

PT-2025-33411 · Ourphp · Ourphp

Name of the Vulnerable Software and Affected Versions: OURPHP versions through 8.6.1 Description: OURPHP through version 8.6.1 is susceptible to Cross-Site Scripting XSS via the Name field within the "Complete Profile" functionality located in the "My User Center" page. This functionality is...

CVE-2025-51965

OURPHP thru 8.6.1 is vulnerable to Cross-Site Scripting XSS via the "Name" field of the "Complete Profile" functionality under the "My User Center" page, which can be accessed after registering through the front-end interface...

CVE-2025-51965

CVE-2025-51965 affects OURPHP up to version 8.6.1, where the vulnerability is a Cross‑Site Scripting (XSS) flaw in the Name field of the Complete Profile function in My User Center, accessible after front‑end registration. The underlying issue and exploitation details are not further elaborated i...

CVE-2025-51965

OURPHP thru 8.6.1 is vulnerable to Cross-Site Scripting XSS via the "Name" field of the "Complete Profile" functionality under the "My User Center" page, which can be accessed after registering through the front-end interface...

Veris: Complete Profile URL is not Random and not expiring

This issue refers to a token non expiry issue and vulnerable uri patterns for onboarding process. The On Boarding process of Veris was revamped after a few such similar reports...