Vvveb SQL注入漏洞

Vvveb is a powerful and easy-to-use CMS developed by Givan’s developers, used for building websites, blogs, or e-commerce stores. Versions of Vvveb prior to 1.0.8.3 had an SQL injection vulnerability. This vulnerability stemmed from an SQL injection issue on the front-end user order history page...

PT-2026-41360

Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.3, there is an authenticated SQL injection issue in the frontend user order history page in Vvveb CMS. A normal frontend user can log in and access /user/orders. The order by and...

CVE-2026-6997

A security vulnerability has been detected in BDCOM P3310D 0.4.2 10.1.0F Build 86345. This impacts an unknown function of the component New RMON History Page. The manipulation of the argument Owner leads to cross site scripting. Remote exploitation of the attack is possible. The exploit has been...

CVE-2026-6997

A security vulnerability has been detected in BDCOM P3310D 0.4.2 10.1.0F Build 86345. This impacts an unknown function of the component New RMON History Page. The manipulation of the argument Owner leads to cross site scripting. Remote exploitation of the attack is possible. The exploit has been...

CVE-2026-6997 BDCOM P3310D New RMON History cross site scripting

A security vulnerability has been detected in BDCOM P3310D 0.4.2 10.1.0F Build 86345. This impacts an unknown function of the component New RMON History Page. The manipulation of the argument Owner leads to cross site scripting. Remote exploitation of the attack is possible. The exploit has been...

CVE-2026-6997 BDCOM P3310D New RMON History cross site scripting

A security vulnerability has been detected in BDCOM P3310D 0.4.2 10.1.0F Build 86345. This impacts an unknown function of the component New RMON History Page. The manipulation of the argument Owner leads to cross site scripting. Remote exploitation of the attack is possible. The exploit has been...

EUVD-2026-25676

A security vulnerability has been detected in BDCOM P3310D 0.4.2 10.1.0F Build 86345. This impacts an unknown function of the component New RMON History Page. The manipulation of the argument Owner leads to cross site scripting. Remote exploitation of the attack is possible. The exploit has been...

Chamilo 安全漏洞

Chamilo is an open-source learning management system developed by Chamilo. Versions of Chamilo prior to 1.11.34 contained security vulnerabilities. These vulnerabilities were caused by improper encoding of input before rendering on the practice history page. This could lead to storage cross-site...

CVE-2025-15266

CVE-2025-15266 refers to the WordPress plugin GeekyBot — Generate AI Content Without Prompt, Chatbot and Lead Generation. It describes a Stored XSS in the chat message field across versions up to 1.1.7 due to insufficient input sanitization and output escaping, enabling unauthenticated attackers ...

PT-2026-2822

Name of the Vulnerable Software and Affected Versions GeekyBot — Generate AI Content Without Prompt, Chatbot and Lead Generation plugin for WordPress versions through 1.1.7 Description The software is susceptible to Stored Cross-Site Scripting due to inadequate input sanitization and output...

CVE-2021-31904

In JetBrains TeamCity before 2020.2.2, XSS was potentially possible on the test history page...

EUVD-2021-18779

Malware in sbrugna...

EUVD-2019-0167

Malware in sbrugna...

EUVD-2017-3347

Malware in sbrugna...

EUVD-2025-24630

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2018-1000559

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - qutebrowser version introduced in v0.11.0 1179ee7a937fb31414d77d9970bac21095358449 contains a Cross Site Scripting XSS vulnerability in history command,...

CVE-2025-8919

A vulnerability was determined in Portabilis i-Diario up to 1.6. Affected is an unknown function of the file /objetivos-de-aprendizagem-e-habilidades of the component History Page. The manipulation of the argument código/objetivo habilidade leads to cross site scripting. It is possible to launch...

CVE-2025-8919

A vulnerability was determined in Portabilis i-Diario up to 1.6. Affected is an unknown function of the file /objetivos-de-aprendizagem-e-habilidades of the component History Page. The manipulation of the argument código/objetivo habilidade leads to cross site scripting. It is possible to launch...

CVE-2025-8919

A vulnerability was determined in Portabilis i-Diario up to 1.6. Affected is an unknown function of the file /objetivos-de-aprendizagem-e-habilidades of the component History Page. The manipulation of the argument código/objetivo habilidade leads to cross site scripting. It is possible to launch...

CVE-2025-8919

Portabilis i-Diario (History Page component) up to version 1.6 is affected by a cross-site scripting vulnerability in the /objetivos-de-aprendizagem-e-habilidades file. The issue arises from manipulation of the código/objetivo habilidade parameter in an unknown function of the History Page, allow...