CVE-2025-13589 Otsuka Information Technology｜FMS - Reflected Cross-site Scripting

FMS developed by Otsuka Information Technology has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks...

EUVD-2002-0372

Malware in sbrugna...

EUVD-2002-0410

Malware in sbrugna...

EUVD-2015-0831

Malware in sbrugna...

EUVD-2001-1332

Malware in sbrugna...

EUVD-2020-11660

Malware in sbrugna...

EUVD-2004-2561

Malware in sbrugna...

EUVD-2020-3869

Malware in sbrugna...

EUVD-2001-1183

Malware in sbrugna...

EUVD-2019-0015

Malware in sbrugna...

EUVD-2025-31607

Malicious code in bioql PyPI...

CVE-2025-55474

Many Notes 0.10.1 is vulnerable to Cross Site Scripting XSS, which allows malicious Markdown files to execute JavaScript when viewed...

CVE-2025-34521

A reflected cross-site scripting XSS vulnerability exists in the web interface of the Arcserve Unified Data Protection UDP, where unsanitized user input is improperly reflected in HTTP responses. This flaw allows remote attackers with low privileges to craft malicious links that, when visited by...

CVE-2025-8535

A vulnerability, which was classified as problematic, has been found in cronoh NanoVault up to 1.2.1. This issue affects the function executeJavaScript of the file /main.js of the component xrb URL Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The...

CVE-2025-40598

A Reflected cross-site scripting XSS vulnerability exists in the SMA100 series web interface, allowing a remote unauthenticated attacker to potentially execute arbitrary JavaScript code...

CVE-2025-40724

Stored Cross-Site Scripting XSS vulnerability in Pharmacy POS PHP Script. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending the victim a malicious URL using the umedicinename parameter in /editmedicine.php. This vulnerability can be exploited to...

CVE-2025-46874

Adobe Experience Manager versions 6.5.22 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If a low privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...

CVE-2025-46863 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

CVE-2024-6533

Directus v10.13.0 allows an authenticated external attacker to execute arbitrary JavaScript on the client. This is possible because the application injects an attacker-controlled parameter that will be stored in the server and used by the client into an unsanitized DOM element. When chained with...

CVE-2024-55341

A stored cross-site scripting XSS vulnerability in Piranha CMS 11.1 allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by creating a page via the /manager/pages and then adding a markdown content with the XSS payload...