PT-2026-42063

Name of the Vulnerable Software and Affected Versions General Options versions prior to 1.1.1 Description The General Options plugin for WordPress contains a Stored Cross-Site Scripting issue. This occurs because the sanitize text field function is used for output escaping in the Contact Number a...

CVE-2021-31934

OX App Suite 7.10.4 and earlier allows XSS via a crafted contact object payload in the position or company field that is mishandled in the App Suite UI on a smartphone...

CVE-2023-53879

NVClient 5.0 contains a stack buffer overflow vulnerability in the user configuration contact field that allows attackers to crash the application. Attackers can overwrite 846 bytes of memory by pasting a crafted payload into the contact box, causing a denial of service condition...

CVE-2023-53879

NVClient 5.0 contains a stack buffer overflow vulnerability in the user configuration contact field that allows attackers to crash the application. Attackers can overwrite 846 bytes of memory by pasting a crafted payload into the contact box, causing a denial of service condition...

CVE-2023-53879

NVClient 5.0 contains a stack buffer overflow vulnerability in the user configuration contact field that allows attackers to crash the application. Attackers can overwrite 846 bytes of memory by pasting a crafted payload into the contact box, causing a denial of service condition...

CVE-2023-53879 NVClient 5.0 Stack Buffer Overflow Vulnerability via User Configuration

NVClient 5.0 contains a stack buffer overflow vulnerability in the user configuration contact field that allows attackers to crash the application. Attackers can overwrite 846 bytes of memory by pasting a crafted payload into the contact box, causing a denial of service condition...

CVE-2023-53879 NVClient 5.0 Stack Buffer Overflow Vulnerability via User Configuration

NVClient 5.0 contains a stack buffer overflow vulnerability in the user configuration contact field that allows attackers to crash the application. Attackers can overwrite 846 bytes of memory by pasting a crafted payload into the contact box, causing a denial of service condition...

CVE-2023-53879

CVE-2023-53879 affects NVClient 5.0. A stack buffer overflow in the user configuration contact field allows an attacker to overwrite 846 bytes, causing a denial of service by crashing the application. Connected sources confirm the issue and describe the vulnerability consistently; no remediation ...

PT-2025-51297

Name of the Vulnerable Software and Affected Versions NVClient version 5.0 Description NVClient 5.0 contains a stack buffer overflow in the user configuration contact field. An attacker can overwrite 846 bytes of memory by pasting a crafted payload into the contact box, leading to a denial of...

Neon Güvenlik NVClient 安全漏洞

Neon Güvenlik NVClient is a client software for web video from the Turkish company Neon Güvenlik. A security vulnerability exists in Neon Güvenlik NVClient version 5.0, which stems from a stack buffer overflow in the user-configured contact field that could cause the application to crash...

CVE-2025-11946

A security flaw has been discovered in LogicalDOC Community Edition up to 9.2.1. This issue affects some unknown processing of the file /frontend.jsp of the component Add Contact Page. Performing manipulation of the argument First Name/Last Name/Company/Address/Phone/Mobile results in cross site...

EUVD-2014-8214

Malware in sbrugna...

EUVD-2022-15612

Malicious code in bioql PyPI...

School Fees Payment System student.php File Cross-Site Scripting Vulnerability

School Fees Payment System is a tuition payment system. School Fees Payment System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the sname/contact/about/emailid/transcationremark parameter of the student.php...

MainWP: Stored Cross-Site Scripting (XSS) in "Add Contact" Name Field – MainWP Plugin

A stored cross-site scripting XSS vulnerability was discovered in the MainWP WordPress plugin. The vulnerability was found in the "Add Contact" Contact Name field, where user input was not properly sanitized before rendering it back into the DOM. As a result, an attacker could inject malicious...

CVE-2022-41139

MITRE CALDERA 4.1.0 allows stored XSS via app.contact.gist aka the gist contact configuration field, leading to execution of arbitrary commands on agents...

CVE-2019-11370

Stored XSS was discovered in Carel pCOWeb prior to B1.2.4, as demonstrated by the config/pwsnmp.html "System contact" field...

VulnCheck KEV: CVE-2019-11370

Stored XSS was discovered in Carel pCOWeb prior to B1.2.4, as demonstrated by the config/pwsnmp.html "System contact" field...

CVE-2023-40851

Cross Site Scripting XSS vulnerability in Phpgurukul User Registration & Login and User Management System With admin panel 3.0 allows attackers to run arbitrary code via fname, lname, email, and contact fields of the user registration page...

CVE-2023-40851

Cross Site Scripting XSS vulnerability in Phpgurukul User Registration & Login and User Management System With admin panel 3.0 allows attackers to run arbitrary code via fname, lname, email, and contact fields of the user registration page...