CVE-2025-34259

Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting XSS vulnerability in the /rmm/v1/devicemap/building endpoint. When an authenticated user creates a map entry, the name parameter is stored and later rendered in the map list UI without HTML sanitzation. An...

CVE-2021-24383

The WP Google Maps WordPress plugin before 8.1.12 did not sanitise, validate of escape the Map Name when output in the Map List of the admin dashboard, leading to an authenticated Stored Cross-Site Scripting issue...

PT-2021-15916 · Unknown · Wp Google Maps

Name of the Vulnerable Software and Affected Versions: WP Google Maps versions prior to 8.1.12 Description: The issue is related to an authenticated Stored Cross-Site Scripting problem. It occurs because the Map Name is not properly sanitised, validated, or escaped when it is output in the Map Li...

Microsoft IIS 2.0/3.0 - Appended Dot Script Source Disclosure

source: https://www.securityfocus.com/bid/2074/info Microsoft Internet Information Server IIS is a popular web server, providing support for a variety of scripting languages, including ASP active server pages. IIS 2.0 and 3.0 suffer from an issue allowing a remote user to retrieve the source code...