CVE-2026-30162

Cross Site Scripting xss vulnerability in Timo 2.0.3 via crafted links in the title field...

EUVD-2010-4746

Malware in sbrugna...

CVE-2024-27756

GLPI through 10.0.12 allows CSV injection by an attacker who is able to create an asset with a crafted title...

XWiki Platform 安全漏洞

XWiki Platform is the XWiki Foundation's suite of Wiki platforms for creating collaborative Web applications. A security vulnerability exists in XWiki Platform that originates from a remote code execution that can be triggered in a search in XWiki by creating a document with a specially crafted...

UBUNTU-CVE-2024-27756

GLPI through 10.0.12 allows CSV injection by an attacker who is able to create an asset with a crafted title...

CVE-2024-27756

GLPI through 10.0.12 allows CSV injection by an attacker who is able to create an asset with a crafted title...

CVE-2024-27756

GLPI through 10.0.12 allows CSV injection by an attacker who is able to create an asset with a crafted title...

PT-2023-9238 · Xwiki · Xwiki Platform

Name of the Vulnerable Software and Affected Versions: XWiki Platform versions 7.2-rc-1 through 4.10.19 XWiki Platform versions 15.5.3 and earlier XWiki Platform versions prior to 15.10-rc-1 Description: The issue is related to the execution of arbitrary code in the XWiki Platform due to improper...

CVE-2020-23327

Cross Site Scripting vulnerability found in ZblogCN ZblogPHP v.1.0 allows a local attacker to execute arbitrary code via a crafted payload in title parameter of the module management model...

SUSE CVE-2018-1000559

qutebrowser version introduced in v0.11.0 1179ee7a937fb31414d77d9970bac21095358449 contains a Cross Site Scripting XSS vulnerability in history command, qute://history page that can result in Via injected JavaScript code, a website can steal the user's browsing history. This attack appear to be...

Notable 安全漏洞

Notable is a Markdown-based note-taking software with cross-platform support from the individual developers of Notable. A security vulnerability exists in Notable version 1.8.4, which stems from unfiltered text editing and allows an attacker to execute arbitrary code via a crafted payload injecte...

CVE-2008-5718

The papd daemon in Netatalk before 2.0.4-beta2, when using certain variables in a pipe command for the print file, allows remote attackers to execute arbitrary commands via shell metacharacters in a print request, as demonstrated using a crafted Title...

UBUNTU-CVE-2018-1000559

qutebrowser version introduced in v0.11.0 1179ee7a937fb31414d77d9970bac21095358449 contains a Cross Site Scripting XSS vulnerability in history command, qute://history page that can result in Via injected JavaScript code, a website can steal the user's browsing history. This attack appear to be...

CVE-2018-1000559

qutebrowser version introduced in v0.11.0 1179ee7a937fb31414d77d9970bac21095358449 contains a Cross Site Scripting XSS vulnerability in history command, qute://history page that can result in Via injected JavaScript code, a website can steal the user's browsing history. This attack appear to be...

Design/Logic Flaw

index.php in Enano CMS 1.1.7pl1, and possibly other versions before 1.1.8, 1.0.6pl3, and 1.1.7pl2, allows remote attackers to obtain sensitive information via a crafted title parameter, which reveals the installation path in an error message...

Ubuntu Update for moin vulnerabilities USN-925-1

Ubuntu Update for Linux kernel vulnerabilities USN-925-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9251.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for moin vulnerabilities USN-925-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...

CVE-2008-5718

The papd daemon in Netatalk before 2.0.4-beta2, when using certain variables in a pipe command for the print file, allows remote attackers to execute arbitrary commands via shell metacharacters in a print request, as demonstrated using a crafted Title...

rmeasymail-xss.txt

RM EasyMail Plus - Cross-Site Scripting Vulnerability 2 This cross-site scripting vulnerability can be exploited if a client views an email with a specially crafted title. Vulnerable E-Mail Title: alert1 Vulnerable: RM EasyMail Plus Google d0rk: intitle:"Powered by RM EasyMail Plus" John Martinel...