28 matches found
CVE-2025-12248
A security vulnerability has been detected in CLTPHP 3.0. The affected element is an unknown function of the file /home/search.html. Such manipulation of the argument keyword leads to sql injection. The attack may be performed from remote. The exploit has been disclosed publicly and may be used...
CVE-2025-12248 CLTPHP search.html sql injection
A security vulnerability has been detected in CLTPHP 3.0. The affected element is an unknown function of the file /home/search.html. Such manipulation of the argument keyword leads to sql injection. The attack may be performed from remote. The exploit has been disclosed publicly and may be used...
CLTPHP Content Management System SQL注入漏洞
CLTPHP Content Management System is a content management system from the Chinese company CLTPHP. A SQL injection vulnerability exists in CLTPHP Content Management System version 3.0. The vulnerability stems from an incorrect manipulation of the parameter keyword in the file /home/search.html, whi...
PT-2025-43905
Name of the Vulnerable Software and Affected Versions CLTPHP version 3.0 Description A security issue exists in CLTPHP 3.0 related to SQL injection. Manipulation of the keyword argument within an unknown function of the /home/search.html file can lead to exploitation. The attack can be performed...
EUVD-2025-4022
Malicious code in bioql PyPI...
EUVD-2024-34288
Malicious code in bioql PyPI...
CVE-2024-11889
The My IDX Home Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'homeasap-idx-search' shortcode in all versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-12502
The My IDX Home Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'homeasap-idx-landing' shortcode in all versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-25082
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Max Chirkov FlexIDX Home Search flexidx-home-search allows Stored XSS.This issue affects FlexIDX Home Search: from n/a through = 2.1.2...
CVE-2025-25082
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Max Chirkov FlexIDX Home Search flexidx-home-search allows Stored XSS.This issue affects FlexIDX Home Search: from n/a through = 2.1.2...
CVE-2025-25082 WordPress flexIDX Home Search plugin <= 2.1.2 - Stored Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Max Chirkov FlexIDX Home Search flexidx-home-search allows Stored XSS.This issue affects FlexIDX Home Search: from n/a through = 2.1.2...
CVE-2025-25082 WordPress flexIDX Home Search plugin <= 2.1.2 - Stored Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Max Chirkov FlexIDX Home Search allows Stored XSS. This issue affects FlexIDX Home Search: from n/a through 2.1.2...
CVE-2025-25082
CVE-2025-25082 is a Stored XSS vulnerability affecting FlexIDX Home Search (WordPress plugin) up to version 2.1.2. The issue is categorized as Cross-Site Scripting in input handling during web page generation. Public details indicate the affected component is the FlexIDX Home Search plugin, with ...
WordPress flexIDX Home Search plugin <= 2.1.2 - Stored Cross Site Scripting (XSS) vulnerability
Stored Cross Site Scripting XSS vulnerability discovered by muhammad yudha in WordPress Plugin FlexIDX Home Search versions = 2.1.2...
CVE-2024-12502
The My IDX Home Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'homeasap-idx-landing' shortcode in all versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-12502 My IDX Home Search <= 2.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The My IDX Home Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'homeasap-idx-landing' shortcode in all versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-12502
CVE-2024-12502 affects the My IDX Home Search WordPress plugin. Vector: Stored XSS via the homeasap-idx-landing shortcode in versions up to 2.0.1 due to insufficient input sanitization and output escaping on user attributes. Impact: authenticated attackers with contributor-level access can inject...
CVE-2024-12502 My IDX Home Search <= 2.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The My IDX Home Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'homeasap-idx-landing' shortcode in all versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-11889 My IDX Home Search <= 2.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The My IDX Home Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'homeasap-idx-search' shortcode in all versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-11889
CVE-2024-11889 concerns a Stored XSS in the WordPress plugin “My IDX Home Search.” According to the CVE description, the vulnerability exists in the plugin’s shortcodes, specifically the ‘homeasap-idx-search’ shortcode, allowing an authenticated attacker with contributor-level access or higher to...