187 matches found
GHSA-H369-CPJJ-QFFF phppgadmin vulnerable to Cross-site Scripting
phpPgAdmin versions 7.13.0 and earlier contain multiple cross-site scripting XSS vulnerabilities across various components. User-supplied inputs from $REQUEST parameters are reflected in HTML output without proper encoding or sanitization in multiple locations including sequences.php, indexes.php...
phppgadmin vulnerable to Cross-site Scripting
phpPgAdmin versions 7.13.0 and earlier contain multiple cross-site scripting XSS vulnerabilities across various components. User-supplied inputs from $REQUEST parameters are reflected in HTML output without proper encoding or sanitization in multiple locations including sequences.php, indexes.php...
JLSEC-2025-84 An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7
An issue was discovered in xmllint from libxml2 before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c...
EUVD-2020-23277
Malware in sbrugna...
EUVD-2021-0034
Malware in sbrugna...
EUVD-2017-16915
Malware in sbrugna...
EUVD-2019-0465
Malware in sbrugna...
EUVD-2022-25168
Malicious code in bioql PyPI...
EUVD-2022-5981
Malicious code in bioql PyPI...
EUVD-2024-27395
Malicious code in bioql PyPI...
EUVD-2023-43086
Malicious code in bioql PyPI...
DNN Vulnerable to Stored Cross-Site Scripting (XSS) in the Prompt module
Summary The Prompt module allows execution of commands that can return raw HTML. Malicious input, even if sanitized for display elsewhere, can be executed when processed through certain commands, leading to potential script execution XSS. Description The application sanitizes most user-submitted...
Linux Distros Unpatched Vulnerability : CVE-2023-39510
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting XSS Vulnerability...
CVE-2025-49587 XWiki does not require right warnings for notification displayer objects
XWiki is an open-source wiki software platform. When a user without script right creates a document with an XWiki.Notifications.Code.NotificationDisplayerClass object, and later an admin edits and saves that document, the possibly malicious content of that object is output as raw HTML, allowing X...
CVE-2025-49587 XWiki does not require right warnings for notification displayer objects
XWiki is an open-source wiki software platform. When a user without script right creates a document with an XWiki.Notifications.Code.NotificationDisplayerClass object, and later an admin edits and saves that document, the possibly malicious content of that object is output as raw HTML, allowing X...
CVE-2020-0872
A remote code execution vulnerability exists in Application Inspector version v1.0.23 or earlier when the tool reflects example code snippets from third-party source files into its HTML output, aka 'Remote Code Execution Vulnerability in Application Inspector'...
CVE-2025-21572
OpenGrok 1.13.25 has a reflected Cross-Site Scripting XSS issue when producing the history view page. This happens through improper handling of path segments. The application reflects unsanitized user input into the HTML output...
CVE-2025-21572
CVE-2025-21572 affects OpenGrok 1.13.25. The vulnerability is a reflected Cross-Site Scripting (XSS) in the history view page caused by improper handling of path segments, resulting in unsanitized user input being reflected in HTML output. Reported impact per CVSS: MEDIUM (6.1), with network atta...
CVE-2025-21572
OpenGrok 1.13.25 has a reflected Cross-Site Scripting XSS issue when producing the history view page. This happens through improper handling of path segments. The application reflects unsanitized user input into the HTML output...
PT-2025-18925 · Opengrok · Opengrok
Name of the Vulnerable Software and Affected Versions: OpenGrok version 1.13.25 Description: The issue is a reflected Cross-Site Scripting XSS problem that occurs when the application generates the history view page. This happens due to improper handling of path segments, causing the application ...