29 matches found
EUVD-2026-18225
A vulnerability was identified in Xiaopi Panel 1.0.0. This vulnerability affects unknown code of the file /demo.php of the component WAF Firewall. The manipulation of the argument param leads to cross site scripting. Remote exploitation of the attack is possible. The exploit is publicly available...
CVE-2026-5332
A vulnerability is identified in Xiaopi Panel 1.0.0 affecting the WAF Firewall component, specifically the /demo.php file. The issue arises from manipulation of the param argument, enabling cross-site scripting. Remote exploitation is possible, and an exploit is publicly available. The vendor was...
PT-2026-29739
A vulnerability was identified in Xiaopi Panel 1.0.0. This vulnerability affects unknown code of the file /demo.php of the component WAF Firewall. The manipulation of the argument param leads to cross site scripting. Remote exploitation of the attack is possible. The exploit is publicly available...
EUVD-2019-17083
Malware in sbrugna...
EUVD-2023-50711
Malicious code in bioql PyPI...
CVE-2025-6457
CVE-2025-6457 affects code-projects Online Hotel Reservation System 1.0. The vulnerability lies in /reservation/demo.php where the Start parameter is unsafely handled, allowing remote SQL injection. Exploitation is possible and has been disclosed. Several sources (including PT-Security and CNVD) ...
CVE-2023-46505
Cross Site Scripting vulnerability in FanCMS v.1.0.0 allows an attacker to execute arbitrary code via the content1 parameter in the demo.php file...
CVE-2023-46505
Cross Site Scripting vulnerability in FanCMS v.1.0.0 allows an attacker to execute arbitrary code via the content1 parameter in the demo.php file...
Cross site scripting
Cross Site Scripting vulnerability in FanCMS v.1.0.0 allows an attacker to execute arbitrary code via the content1 parameter in the demo.php file...
CVE-2023-46505
FanCMS v1.0.0 is affected by a Cross Site Scripting (XSS) vulnerability that allows an attacker to execute arbitrary code via the content1 parameter in demo.php. Root cause is input handling in the content1 parameter leading to script execution. Impact is the ability to run code in the context of...
CVE-2023-46505
Cross Site Scripting vulnerability in FanCMS v.1.0.0 allows an attacker to execute arbitrary code via the content1 parameter in the demo.php file...
CVE-2023-46505
Cross Site Scripting vulnerability in FanCMS v.1.0.0 allows an attacker to execute arbitrary code via the content1 parameter in the demo.php file...
CVE-2019-7543
In KindEditor 4.1.11, the php/demo.php content1 parameter has a reflected Cross-site Scripting XSS vulnerability...
CVE-2019-7543
KindEditor 4.1.11 is affected by a reflected XSS via the php/demo.php content1 parameter. The vulnerability allows an attacker to inject JavaScript that executes in the victim’s browser, potentially leading to session hijacking, defacement, or theft of sensitive information. Root cause: improper ...
CVE-2019-7543
In KindEditor 4.1.11, the php/demo.php content1 parameter has a reflected Cross-site Scripting XSS vulnerability...
Design/Logic Flaw
An issue was discovered in S-CMS 3.0. It allows XSS via the admin/demo.php Tid parameter...
CVE-2018-20476
An issue was discovered in S-CMS 3.0. It allows XSS via the admin/demo.php Tid parameter...
CVE-2018-20476
Affected software: S-CMS 3.0. The vulnerability is an XSS in admin/demo.php via the T_id parameter, caused by inadequate input filtering of T_id. Impact: remote attackers can inject arbitrary Web script or HTML that executes in the context of a user’s browser. Exploitation: described as XSS via t...
CVE-2018-20476
An issue was discovered in S-CMS 3.0. It allows XSS via the admin/demo.php Tid parameter...
cmseasy demo.php 反射型XSS漏洞
No description provided by source...