35 matches found
PT-2026-48981
Name of the Vulnerable Software and Affected Versions Discourse versions 2026.1.0 through 2026.1.3 Discourse versions 2026.3.0 through 2026.3.0 Discourse versions 2026.4.0 through 2026.4.0 Description Group owners who are not administrators or moderators can view a group's outgoing email and SMTP...
CVE-2026-22231
OPEXUS eCASE Audit allows an authenticated attacker to save JavaScript as a comment within the Document Check Out functionality. The JavaScript is executed whenever another user views the Action History Log. Fixed in OPEXUS eCASE Platform 11.14.1.0...
CVE-2026-22231
OPEXUS eCASE Audit allows an authenticated attacker to save JavaScript as a comment within the Document Check Out functionality. The JavaScript is executed whenever another user views the Action History Log. Fixed in OPEXUS eCASE Platform 11.14.1.0...
CVE-2026-22231 OPEXUS eCASE Audit Document Check Out stored XSS
OPEXUS eCASE Audit allows an authenticated attacker to save JavaScript as a comment within the Document Check Out functionality. The JavaScript is executed whenever another user views the Action History Log. Fixed in OPEXUS eCASE Platform 11.14.1.0...
CVE-2026-22231 OPEXUS eCASE Audit Document Check Out stored XSS
OPEXUS eCASE Audit allows an authenticated attacker to save JavaScript as a comment within the Document Check Out functionality. The JavaScript is executed whenever another user views the Action History Log. Fixed in OPEXUS eCASE Platform 11.14.1.0...
CVE-2026-22231
OPEXUS eCASE Audit is affected by a stored XSS in the Document Check Out comments. An authenticated attacker can save JavaScript as a comment, which is executed when another user views the Action History Log. Affected product: OPEXUS eCASE Audit (server-side application). Root cause: stored JavaS...
EUVD-2025-17521
Malicious code in bioql PyPI...
EUVD-2025-9450
Malicious code in bioql PyPI...
EUVD-2023-57422
Malicious code in bioql PyPI...
CVE-2025-47598
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in click5 History Log by click5 history-log-by-click5 allows Stored XSS.This issue affects History Log by click5: from n/a through = 1.0.13...
CVE-2025-47598
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in click5 History Log by click5 history-log-by-click5 allows Stored XSS.This issue affects History Log by click5: from n/a through = 1.0.13...
CVE-2025-47598 WordPress History Log by click5 plugin <= 1.0.13 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in click5 History Log by click5 history-log-by-click5 allows Stored XSS.This issue affects History Log by click5: from n/a through = 1.0.13...
CVE-2025-47598 WordPress History Log by click5 <= 1.0.13 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in click5 History Log by click5 allows Stored XSS. This issue affects History Log by click5: from n/a through 1.0.13...
CVE-2025-47598
CVE-2025-47598 affects WordPress plugin History Log by click5 (versions up to and including 1.0.13). The vulnerability is an Stored Cross-Site Scripting (XSS) flaw caused by improper input neutralization during web page generation. An attacker could inject malicious scripts that are stored and la...
WordPress plugin History Log by click5 跨站脚本漏洞
WordPress History Log by click5 is a plugin for tracking user activity and logging changes to your website. A cross-site scripting vulnerability exists in WordPress History Log by click5. The vulnerability stems from improper input neutralization and can be exploited by an attacker to execute...
CVE-2025-31531
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in click5 History Log by click5 history-log-by-click5 allows SQL Injection.This issue affects History Log by click5: from n/a through = 1.0.13...
CVE-2025-31531
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in click5 History Log by click5 history-log-by-click5 allows SQL Injection.This issue affects History Log by click5: from n/a through = 1.0.13...
CVE-2025-31531 WordPress History Log by click5 plugin <= 1.0.13 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in click5 History Log by click5 history-log-by-click5 allows SQL Injection.This issue affects History Log by click5: from n/a through = 1.0.13...
CVE-2025-31531 WordPress History Log by click5 plugin <= 1.0.13 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in click5 History Log by click5 history-log-by-click5 allows SQL Injection.This issue affects History Log by click5: from n/a through = 1.0.13...
CVE-2025-31531
CVE-2025-31531: History Log by click5 plugin is affected by an Unauthenticated SQL Injection. Affected software/version: History Log by click5