200 matches found
EUVD-2014-1067
Malware in sbrugna...
EUVD-2018-20414
Malware in sbrugna...
EUVD-2014-5076
Malware in sbrugna...
EUVD-2018-4248
Malware in sbrugna...
EUVD-2006-4902
Malware in sbrugna...
EUVD-2021-26563
Malware in sbrugna...
EUVD-2025-32304
Malicious code in bioql PyPI...
CVE-2025-57423
A SQL injection vulnerability was discovered in the /articles endpoint of MyClub 0.5, affecting the query parameters Content, GroupName, PersonName, lastUpdate, pool, and title. Due to insufficient input sanitisation, an unauthenticated remote attacker could inject arbitrary SQL commands via a...
Portabilis i‑Diário 代码注入漏洞
Portabilis i-Diário is an open source school calendar and teacher interaction management system from Portabilis, Brazil. A code injection vulnerability exists in Portabilis i-Diário 1.5.0 and earlier versions, which stems from the parameter Registro de atividades/Conteúdos in file...
CVE-2024-32343
A cross-site scripting XSS vulnerability in the Create Page of Boid CMS v2.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Content parameter...
CVE-2024-3559
The Custom Field Suite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the the 'cfspostcontent' parameter versions up to, and including, 2.6.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-lev...
CVE-2024-30618
A Stored Cross-Site Scripting XSS Vulnerability in Chamilo LMS 1.11.26 allows a remote attacker to execute arbitrary JavaScript in a web browser by including a malicious payload in the 'content' parameter of 'grouptopics.php'...
CVE-2024-44851
A stored cross-site scripting XSS vulnerability in the Discussion section of Perfex CRM v1.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Content parameter...
CVE-2021-3224
A stored cross-site scripting XSS vulnerability in cszcms 1.2.9 exists in /admin/pages/new via the content parameter...
CVE-2025-30166
Pimcore's Admin Classic Bundle provides a Backend UI for Pimcore. An HTML injection issue allows users with access to the email sending functionality to inject arbitrary HTML code into emails sent via the admin interface, potentially leading to session cookie theft and the alteration of page...
CVE-2025-30166
Pimcore's Admin Classic Bundle provides a Backend UI for Pimcore. An HTML injection issue allows users with access to the email sending functionality to inject arbitrary HTML code into emails sent via the admin interface, potentially leading to session cookie theft and the alteration of page...
PT-2025-1603 · WordPress · The Quiz Maker Business +2
Name of the Vulnerable Software and Affected Versions: The Quiz Maker Business, Developer, and Agency plugins for WordPress versions 8.8.0 and earlier Business The Quiz Maker Business, Developer, and Agency plugins for WordPress versions 21.8.0 and earlier Developer The Quiz Maker Business,...
SpringBoot-Blog 跨站脚本漏洞
SpringBoot-Blog is a Java blogging system for wand individual developers. A security vulnerability exists in SpringBoot-Blog version 1.0, which originates from the parameter content in file src/main/java/com/my/blog/website/controller/admin/PageController.java that can lead to a cross-site...
WordPress plugin Toggles Shortcode and Widget 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in...
WordPress Waymark plugin <= 1.4.1 - Reflected Cross-Site Scripting via 'content' vulnerability
Reflected Cross-Site Scripting via 'content' vulnerability discovered by vgo0 in WordPress Plugin Waymark versions = 1.4.1...