31 matches found
CVE-2026-25346
CVE-2026-25346 is an unauthenticated stored XSS vulnerability in the WordPress plugin FAQ Builder AYS (AYS faq-builder-ays), affecting versions from n/a up to and including 1.8.2. The CVE entry uses CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L with a base score of 7.1 (HIGH). Connected sources co...
CVE-2026-25402
CVE-2026-25402 affects the WordPress plugin “Knowledge Base for Documentation, FAQs with AI Assistance” (echo-knowledge-base) up to version 16.011.0. Root cause is Missing Authorization / broken access control allowing exploitation due to incorrectly configured access levels. Impact is limited to...
EUVD-2025-25905
Malicious code in bioql PyPI...
CVE-2025-57425
A Stored Cross-Site Scripting (XSS) vulnerability in SourceCodester FAQ Management System 1.0 allows an authenticated attacker to inject malicious JavaScript into the 'question' and 'answer' fields via the update-faq.php endpoint...
CISA: FY 2025 Tribal Cybersecurity Grant Program FAQs
This is the CISA FAQ for the Tribal Cybersecurity Grant Program (TCGP), which assists eligible Tribal governments in addressing cybersecurity risks and threats to their information systems. This is an updated copy...
About inquiries regarding configuration and installation issues in Citrix Customer Success Services Select
This article describes the scope of support for configuration and installation issues and provides an FAQ...
Technical Support Scope and Q&A
This document describes the scope of technical support and frequently asked questions...
How to Deploy Secure Mail Test Tool
This article details how to deploy Secure Mail Test Tool and also covers some of the frequently asked questions about this tool...
CVE-2024-2069
A vulnerability classified as critical has been found in SourceCodester FAQ Management System 1.0. Affected is an unknown function of the file /endpoint/delete-faq.php. The manipulation of the argument faq leads to sql injection. It is possible to launch the attack remotely. The exploit has been...
FAQ Management System Cross-Site Scripting Vulnerability
FAQ Management System is a FAQ management system by Remy Andrade, a personal developer. A cross-site scripting vulnerability exists in version 1.0 of the FAQ Management System, which stems from the parameter Frequently Asked Question in the component Update FAQ that causes cross-site scripting...
PT-2023-22501 · Unknown · Thorsten/Phpmyfaq
Name of the Vulnerable Software and Affected Versions: thorsten/phpmyfaq versions prior to 3.1.14. Description: The issue is related to Cross-site Scripting (XSS) - Stored, which occurs when admins create a FAQ News and can pass malicious scripts to the text of the record section. This allows for th...
PrestaSHp faqs SQL Injection Vulnerability
PrestaSHp faqs is a FAQ page from PrestaSHp. A security vulnerability exists in PrestaSHp faqs version v.3.1.6, which stems from the discovery of a contained elevation of privilege vulnerability via the faqsBudgetModuleFrontController::displayAjaxGenerateBudget component...
[SECURITY] [DLA 2740-1] firefox-esr security update
Debian LTS Advisory DLA-2740-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort August 12, 2021 https://wiki.debian.org/LTS -...
Dockerfiles
This repository is a collection of Dockerfiles for CTF (Capture The Flag) challenges running on SniperOJ. The Dockerfiles are used to build a vulnerable environment for the challenges, which can be solved by participants. The repository contains various challenges, including web-based and pwn...
[SECURITY] [DLA 2297-1] firefox-esr security update
Debian LTS Advisory DLA-2297-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort July 29, 2020 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2158-1] ruby2.1 security update
Package : ruby2.1 Version : 2.1.5-2+deb8u9 CVE ID : CVE-2016-2338 An exploitable heap overflow vulnerability exists in the Psych::Emitter start_document function of Ruby. In Psych::Emitter start_document function heap buffer "head" allocation is made based on tags array length. Specially constructe...
[SECURITY] [DLA 2133-1] tomcat7 security update
Package : tomcat7 Version : 7.0.56-3+really7.0.100-1 CVE ID : CVE-2019-17569 CVE-2020-1935 CVE-2020-1938 Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine. CVE-2019-17569 The refactoring in 7.0.98 introduced a regression. The result of the regression was...
[SECURITY] [DLA 2087-1] suricata security update
Package : suricata Version : 2.0.7-2+deb8u5 CVE ID : CVE-2019-18625 CVE-2019-18792 Two vulnerabilities have recently been discovered in the stream-tcp code of the intrusion detection and prevention tool Suricata. CVE-2019-18625 It was possible to bypass/evade any tcp based signature by faking a...
Frequently Asked Questions - Critical - Unsupported - SA-CONTRIB-2019-077
The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466#procedure---own-project---unsupported...
[SECURITY] [DLA 1727-1] firefox-esr security update
Package : firefox-esr Version : 60.6.1esr-1deb8u1 CVE ID : CVE-2019-9810 CVE-2019-9813 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. For Debian 8 "Jessie", these problems have been fixed in version...