CVE-2026-34907

Wirtualna Uczelnia is vulnerable to Reflected Cross‑Site Scripting XSS due to insecure handling of the locale parameter across multiple endpoints. An attacker can craft a malicious URL with JavaScript embedded in the locale parameter and send it to a victim. When the victim opens the link, the...

EUVD-2026-33903

Wirtualna Uczelnia is vulnerable to Reflected Cross‑Site Scripting XSS due to insecure handling of the locale parameter across multiple endpoints. An attacker can craft a malicious URL with JavaScript embedded in the locale parameter and send it to a victim. When the victim opens the link, the...

CVE-2026-34907

CVE-2026-34907 describes a Reflected Cross‑Site Scripting (XSS) vulnerability in Wirtualna Uczelnia caused by insecure handling of the locale parameter across multiple endpoints. An attacker can craft a URL with JavaScript in the locale parameter; when a victim opens the link, the injected script...

PT-2026-45724

Wirtualna Uczelnia is vulnerable to Reflected Cross‑Site Scripting XSS due to insecure handling of the locale parameter across multiple endpoints. An attacker can craft a malicious URL with JavaScript embedded in the locale parameter and send it to a victim. When the victim opens the link, the...

EUVD-2010-5318

Malware in sbrugna...

EUVD-2007-4765

Malware in sbrugna...

EUVD-2007-2514

Malware in sbrugna...

EUVD-2022-0094

Malicious code in bioql PyPI...

CVE-2010-20109

Barracuda products, confirmed in Spam & Virus Firewall, SSL VPN, and Web Application Firewall versions prior to October 2010, contain a path traversal vulnerability in the viewhelp.cgi endpoint. The locale parameter fails to properly sanitize user input, allowing attackers to inject traversal...

CVE-2010-20109

Barracuda products, confirmed in Spam & Virus Firewall, SSL VPN, and Web Application Firewall versions prior to October 2010, contain a path traversal vulnerability in the viewhelp.cgi endpoint. The locale parameter fails to properly sanitize user input, allowing attackers to inject traversal...

CVE-2010-20109

CVE-2010-20109 affects Barracuda Spam & Virus Firewall, SSL VPN, and Web Application Firewall before October 2010. The flaw is a path traversal in the view_help.cgi endpoint caused by improper sanitization of the locale parameter, allowing unauthenticated remote attackers to inject traversal sequ...

CVE-2010-20109

Barracuda products, confirmed in Spam & Virus Firewall, SSL VPN, and Web Application Firewall versions prior to October 2010, contain a path traversal vulnerability in the viewhelp.cgi endpoint. The locale parameter fails to properly sanitize user input, allowing attackers to inject traversal...

CVE-2010-20109 Barracuda Spam & Virus Firewall "locale" Path Traversal

Barracuda products, confirmed in Spam & Virus Firewall, SSL VPN, and Web Application Firewall versions prior to October 2010, contain a path traversal vulnerability in the viewhelp.cgi endpoint. The locale parameter fails to properly sanitize user input, allowing attackers to inject traversal...

Linux Distros Unpatched Vulnerability : CVE-2018-14371

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The getLocalePrefix function in ResourceManager.java in Eclipse Mojarra before 2.3.7 is affected by Directory Traversal via the loc parameter. A remote attacker...

WordPress plugin Booking Package 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress Booking Package plugin <= 1.6.72 - Reflected Cross-Site Scripting via Locale Parameter vulnerability

Reflected Cross-Site Scripting via Locale Parameter vulnerability discovered by Krzysztof Zając in WordPress Plugin Booking Package versions = 1.6.72...

PT-2024-39751

Name of the Vulnerable Software and Affected Versions File Manager Pro – Filester plugin for WordPress versions up to, and including, 1.8.5 Description The File Manager Pro – Filester plugin for WordPress is vulnerable to Local JavaScript File Inclusion via the fm locale parameter. This allows...

PT-2024-39184 · WordPress · Advanced File Manager

Name of the Vulnerable Software and Affected Versions: Advanced File Manager plugin for WordPress versions up to, and including, 5.2.8 Description: The Advanced File Manager plugin for WordPress is vulnerable to Local JavaScript File Inclusion via the fma locale parameter. This allows authenticat...

Cookie Bar 跨站脚本漏洞

Cookie Bar is an Oveleon open source application for Contao. It allows visitors to define cookies and privacy settings for a website. Cookie Bar suffers from a cross-site scripting vulnerability that stems from the block/locale port not properly clearing the locale parameter, leading to reflected...

Code Injection

willdurand/js-translation-bundle is vulnerable to Code Injection. The vulnerability is due to a lack of validation of 'locale' parameter in 'Controller.php' file, which allows an attacker to inject javascript code...