28 matches found
CVE-2025-12248
A security vulnerability has been detected in CLTPHP 3.0. The affected element is an unknown function of the file /home/search.html. Such manipulation of the argument keyword leads to sql injection. The attack may be performed from remote. The exploit has been disclosed publicly and may be used...
CVE-2025-12248 CLTPHP search.html sql injection
A security vulnerability has been detected in CLTPHP 3.0. The affected element is an unknown function of the file /home/search.html. Such manipulation of the argument keyword leads to sql injection. The attack may be performed from remote. The exploit has been disclosed publicly and may be used...
PT-2025-43905
Name of the Vulnerable Software and Affected Versions CLTPHP version 3.0 Description A security issue exists in CLTPHP 3.0 related to SQL injection. Manipulation of the keyword argument within an unknown function of the /home/search.html file can lead to exploitation. The attack can be performed...
CLTPHP Content Management System SQL注入漏洞
CLTPHP Content Management System is a content management system from the Chinese company CLTPHP. A SQL injection vulnerability exists in CLTPHP Content Management System version 3.0. The vulnerability stems from an incorrect manipulation of the parameter keyword in the file /home/search.html, whi...
EUVD-2025-4022
Malicious code in bioql PyPI...
EUVD-2024-34288
Malicious code in bioql PyPI...
CVE-2024-11889
The My IDX Home Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'homeasap-idx-search' shortcode in all versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-12502
The My IDX Home Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'homeasap-idx-landing' shortcode in all versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-25082
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Max Chirkov FlexIDX Home Search flexidx-home-search allows Stored XSS.This issue affects FlexIDX Home Search: from n/a through = 2.1.2...
CVE-2025-25082
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Max Chirkov FlexIDX Home Search flexidx-home-search allows Stored XSS.This issue affects FlexIDX Home Search: from n/a through = 2.1.2...
CVE-2025-25082 WordPress flexIDX Home Search plugin <= 2.1.2 - Stored Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Max Chirkov FlexIDX Home Search allows Stored XSS. This issue affects FlexIDX Home Search: from n/a through 2.1.2...
CVE-2025-25082 WordPress flexIDX Home Search plugin <= 2.1.2 - Stored Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Max Chirkov FlexIDX Home Search flexidx-home-search allows Stored XSS.This issue affects FlexIDX Home Search: from n/a through = 2.1.2...
CVE-2025-25082
CVE-2025-25082 is a Stored XSS vulnerability affecting FlexIDX Home Search (WordPress plugin) up to version 2.1.2. The issue is categorized as Cross-Site Scripting in input handling during web page generation. Public details indicate the affected component is the FlexIDX Home Search plugin, with ...
WordPress flexIDX Home Search plugin <= 2.1.2 - Stored Cross Site Scripting (XSS) vulnerability
Stored Cross Site Scripting XSS vulnerability discovered by muhammad yudha in WordPress Plugin FlexIDX Home Search versions = 2.1.2...
CVE-2024-12502
The My IDX Home Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'homeasap-idx-landing' shortcode in all versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-12502
CVE-2024-12502 affects the My IDX Home Search WordPress plugin. Vector: Stored XSS via the homeasap-idx-landing shortcode in versions up to 2.0.1 due to insufficient input sanitization and output escaping on user attributes. Impact: authenticated attackers with contributor-level access can inject...
CVE-2024-12502 My IDX Home Search <= 2.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The My IDX Home Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'homeasap-idx-landing' shortcode in all versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-12502 My IDX Home Search <= 2.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The My IDX Home Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'homeasap-idx-landing' shortcode in all versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-11889
CVE-2024-11889 concerns a Stored XSS in the WordPress plugin “My IDX Home Search.” According to the CVE description, the vulnerability exists in the plugin’s shortcodes, specifically the ‘homeasap-idx-search’ shortcode, allowing an authenticated attacker with contributor-level access or higher to...
CVE-2024-11889 My IDX Home Search <= 2.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The My IDX Home Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'homeasap-idx-search' shortcode in all versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...