36 matches found
CVE-2019-20389
An XSS issue was identified on the Subrion CMS 4.2.1 /panel/configuration/general settings page. A remote attacker can inject arbitrary JavaScript code in the vlanguageswitch parameter within multipart/form-data, which is reflected back within a user's browser without proper output encoding...
EUVD-2025-24770
Malicious code in bioql PyPI...
EUVD-2025-28838
Malicious code in bioql PyPI...
CVE-2025-9357
CVE-2025-9357 affects Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 routers (firmware versions 1.0.013.001, 1.0.04.001, 1.0.04.002, 1.1.05.003, 1.2.07.001). The vulnerability lies in the function langSwitchByBBS in the file /goform/langSwitchByBBS where manipulating the argument langSelection...
CVE-2025-49064
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Webilop User Language Switch user-language-switch allows Reflected XSS.This issue affects User Language Switch: from n/a through = 1.6.10...
CVE-2025-49064
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Webilop User Language Switch user-language-switch allows Reflected XSS.This issue affects User Language Switch: from n/a through = 1.6.10...
CVE-2025-49064 WordPress User Language Switch plugin <= 1.6.10 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Webilop User Language Switch user-language-switch allows Reflected XSS.This issue affects User Language Switch: from n/a through = 1.6.10...
CVE-2025-49064
CVE-2025-49064 concerns the WordPress plugin User Language Switch . The vulnerability is a Reflected Cross-Site Scripting (XSS) caused by improper input neutralization during web page generation. Affected versions are: User Language Switch up to and including 1.6.10. External sources (PT Security...
CVE-2025-49064 WordPress User Language Switch plugin <= 1.6.10 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Webilop User Language Switch user-language-switch allows Reflected XSS.This issue affects User Language Switch: from n/a through = 1.6.10...
PT-2025-33193 · Unknown · Webilop User Language Switch
Name of the Vulnerable Software and Affected Versions: Webilop User Language Switch versions through 1.6.10 Description: The software contains an improper neutralization of input during web page generation, which results in a reflected cross-site scripting XSS issue. Recommendations: Update to a...
WordPress plugin User Language Switch 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...
CVE-2025-8833
CVE-2025-8833 affects Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 up to 20250801. The issue is in the langSwitchBack function (/goform/langSwitchBack); manipulating the langSelectionOnly parameter triggers a stack-based buffer overflow. It is a network-attackable flaw, with a publicly discl...
WordPress User Language Switch plugin <= 1.6.10 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Nguyen Xuan Chien Patchstack Alliance in WordPress Plugin User Language Switch versions = 1.6.10...
Keyboard language switching automatically on different applications inside the desktop ICA session
When switching between applications within the ICA desktop, the keyboard language is switched automatically...
Cross-site Scripting (XSS)
intelliants/subrion is vulnerable to cross-site scripting XSS. The vulnerability exists in the /panel/configuration/general page where the value of vlanguageswitch in multipart/form-data is improperly handled...
Subrion CMS Cross-Site Scripting Vulnerability (CNVD-2020-32356)
Subrion CMS is a PHP-based content management system CMS from the Subrion team. The system can be integrated into a website and supports a variety of extensions plugins and more. A cross-site scripting vulnerability exists in the /panel/configuration/general settings page in Subrion CMS version...