Lucene search
K

36 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:6 a.m.7 views

CVE-2019-20389

An XSS issue was identified on the Subrion CMS 4.2.1 /panel/configuration/general settings page. A remote attacker can inject arbitrary JavaScript code in the vlanguageswitch parameter within multipart/form-data, which is reflected back within a user's browser without proper output encoding...

6.1CVSS6.1AI score0.00949EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-24770

Malicious code in bioql PyPI...

7.1CVSS4.6AI score0.00213EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-28838

Malicious code in bioql PyPI...

9CVSS8.8AI score0.009EPSS
Exploits1References6
CVE
CVE
added 2025/08/23 6:2 a.m.31 views

CVE-2025-9357

CVE-2025-9357 affects Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 routers (firmware versions 1.0.013.001, 1.0.04.001, 1.0.04.002, 1.1.05.003, 1.2.07.001). The vulnerability lies in the function langSwitchByBBS in the file /goform/langSwitchByBBS where manipulating the argument langSelection...

9CVSS7.2AI score0.009EPSS
Exploits1References6Affected Software1
RedhatCVE
RedhatCVE
added 2025/08/16 11:25 a.m.5 views

CVE-2025-49064

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Webilop User Language Switch user-language-switch allows Reflected XSS.This issue affects User Language Switch: from n/a through = 1.6.10...

7.1CVSS5.9AI score0.00213EPSS
Exploits0References1
NVD
NVD
added 2025/08/14 11:15 a.m.3 views

CVE-2025-49064

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Webilop User Language Switch user-language-switch allows Reflected XSS.This issue affects User Language Switch: from n/a through = 1.6.10...

7.1CVSS0.00213EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/14 10:34 a.m.3 views

CVE-2025-49064 WordPress User Language Switch plugin <= 1.6.10 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Webilop User Language Switch user-language-switch allows Reflected XSS.This issue affects User Language Switch: from n/a through = 1.6.10...

7.1CVSS5.9AI score0.00213EPSS
Exploits0References1
CVE
CVE
added 2025/08/14 10:34 a.m.10 views

CVE-2025-49064

CVE-2025-49064 concerns the WordPress plugin User Language Switch . The vulnerability is a Reflected Cross-Site Scripting (XSS) caused by improper input neutralization during web page generation. Affected versions are: User Language Switch up to and including 1.6.10. External sources (PT Security...

7.1CVSS5.9AI score0.00213EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/14 10:34 a.m.11 views

CVE-2025-49064 WordPress User Language Switch plugin <= 1.6.10 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Webilop User Language Switch user-language-switch allows Reflected XSS.This issue affects User Language Switch: from n/a through = 1.6.10...

7.1CVSS0.00213EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/08/14 12:0 a.m.5 views

PT-2025-33193 · Unknown · Webilop User Language Switch

Name of the Vulnerable Software and Affected Versions: Webilop User Language Switch versions through 1.6.10 Description: The software contains an improper neutralization of input during web page generation, which results in a reflected cross-site scripting XSS issue. Recommendations: Update to a...

7.1CVSS6.1AI score0.00213EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/08/14 12:0 a.m.4 views

WordPress plugin User Language Switch 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...

7.1CVSS4.2AI score0.00213EPSS
Exploits0References1
CVE
CVE
added 2025/08/11 6:2 a.m.24 views

CVE-2025-8833

CVE-2025-8833 affects Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 up to 20250801. The issue is in the langSwitchBack function (/goform/langSwitchBack); manipulating the langSelectionOnly parameter triggers a stack-based buffer overflow. It is a network-attackable flaw, with a publicly discl...

9CVSS7.1AI score0.00902EPSS
Exploits1References6Affected Software1
Patchstack
Patchstack
added 2025/08/07 11:28 a.m.6 views

WordPress User Language Switch plugin <= 1.6.10 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Nguyen Xuan Chien Patchstack Alliance in WordPress Plugin User Language Switch versions = 1.6.10...

7.1CVSS4.1AI score0.00213EPSS
Exploits0Affected Software1
Citrix
Citrix
added 2023/12/12 12:0 a.m.8 views

Keyboard language switching automatically on different applications inside the desktop ICA session

When switching between applications within the ICA desktop, the keyboard language is switched automatically...

7.1AI score
Exploits0
Veracode
Veracode
added 2020/05/18 8:30 a.m.20 views

Cross-site Scripting (XSS)

intelliants/subrion is vulnerable to cross-site scripting XSS. The vulnerability exists in the /panel/configuration/general page where the value of vlanguageswitch in multipart/form-data is improperly handled...

6.1CVSS1AI score0.00949EPSS
Exploits2References2Affected Software1
CNVD
CNVD
added 2020/05/18 12:0 a.m.3 views

Subrion CMS Cross-Site Scripting Vulnerability (CNVD-2020-32356)

Subrion CMS is a PHP-based content management system CMS from the Subrion team. The system can be integrated into a website and supports a variety of extensions plugins and more. A cross-site scripting vulnerability exists in the /panel/configuration/general settings page in Subrion CMS version...

6.1CVSS6.4AI score0.00949EPSS
Exploits2References1
Rows per page
Query Builder