91 matches found
EUVD-2007-2198
Malware in sbrugna...
EUVD-2020-10401
Malware in sbrugna...
EUVD-2003-1286
Malware in sbrugna...
EUVD-2006-0157
Malware in sbrugna...
EUVD-2003-0760
Malware in sbrugna...
EUVD-2024-53134
Malicious code in bioql PyPI...
EUVD-2022-1765
Malicious code in bioql PyPI...
EUVD-2022-39790
Malicious code in bioql PyPI...
EUVD-2022-35136
Malicious code in bioql PyPI...
EUVD-2025-28010
Malicious code in bioql PyPI...
CVE-2025-40989
Stored Cross Site Scripting vulnerability in Ekushey CRM v5.0 by Creativeitem, due to lack of proper validation of user inputs via the "/ekushey/index.php/client/projectmessage/add/xxx", affecting to "message" parameter via POST. This vulnerability could allow a remote attacker to send a speciall...
Cross-Site Scripting (Reflected XSS)
com.liferay, com.liferay.layout.taglib is vulnerable to reflected cross-site scripting XSS. The vulnerability is due to improper validation of the embedded message field in the form container, which allows an attacker to inject and execute arbitrary JavaScript in a victim’s browser...
Linux Distros Unpatched Vulnerability : CVE-2019-7335
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Self - Stored XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in the view 'log' as it insecurely prints the 'Lo...
GHSA-R367-Q549-PGR5 Liferay Portal Reflected Cross-Site Scripting Vulnerability via Form Container
A reflected cross-site scripting XSS vulnerability in the Liferay Portal 7.4.3.32 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.7, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.1 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.16 and 7.4 update 32 through update ...
Liferay Portal Reflected Cross-Site Scripting Vulnerability via Form Container
A reflected cross-site scripting XSS vulnerability in the Liferay Portal 7.4.3.32 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.7, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.1 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.16 and 7.4 update 32 through update ...
CVE-2025-43753
A reflected cross-site scripting XSS vulnerability in the Liferay Portal 7.4.3.32 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.7, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.1 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.16 and 7.4 update 32 through update ...
CVE-2025-43753
The CVE-2025-43753 entry describes a reflected XSS in Liferay products where a remote authenticated user can inject JavaScript into the embedded message field from the form container. Affected products include: Liferay Portal 7.4.3.32–7.4.3.132 and Liferay DXP 2025.Q1.0–2025.Q1.7 , plus older qua...
PT-2025-34313 · Liferay · Liferay Portal +1
Name of the Vulnerable Software and Affected Versions: Liferay Portal versions 7.4.3.32 through 7.4.3.132 Liferay DXP versions 2025.Q1.0 through 2025.Q1.7 Liferay DXP versions 2024.Q4.0 through 2024.Q4.7 Liferay DXP versions 2024.Q3.1 through 2024.Q3.13 Liferay DXP versions 2024.Q2.1 through...
CVE-2023-30321
Cross Site Scripting XSS vulnerability in textMessage field in /src/chatbotapp/LoginServlet.java in wliang6 ChatEngine commit fded8e710ad59f816867ad47d7fc4862f6502f3e, allows attackers to execute arbitrary code...
CVE-2022-37137
PayMoney 3.3 is vulnerable to Stored Cross-Site Scripting XSS during replying the ticket. The XSS can be obtain from injecting under "Message" field with "description" parameter with the specially crafted payload to gain Stored XSS. The XSS then will prompt after that or can be access from the vi...