158 matches found
EUVD-2024-45679
Malicious code in bioql PyPI...
EUVD-2024-26760
Malicious code in bioql PyPI...
EUVD-2025-19996
Malicious code in bioql PyPI...
EUVD-2024-37563
Malicious code in bioql PyPI...
EUVD-2025-19018
Malicious code in bioql PyPI...
EUVD-2024-35446
Malicious code in bioql PyPI...
EUVD-2024-52928
Malicious code in bioql PyPI...
EUVD-2024-44846
Malicious code in bioql PyPI...
EUVD-2024-45723
Malicious code in bioql PyPI...
EUVD-2024-52557
Malicious code in bioql PyPI...
EUVD-2021-30034
Malicious code in bioql PyPI...
CVE-2025-8079 Reflected XSS in Akıllı Ticaret Software Technologies' Smart Trade E-Commerce
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Akıllı Ticaret Software Technologies Ltd. Co. Smart Trade E-Commerce allows Reflected XSS. This issue affects Smart Trade E-Commerce: before 4.5.0.0.1...
PT-2025-39053
Name of the Vulnerable Software and Affected Versions PenciDesign Penci Filter Everything affected versions not specified Description The software contains a flaw related to improper handling of user-supplied data when creating web pages, leading to a potential Cross-site Scripting XSS issue...
CVE-2025-58867
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Remi Corson Easy Download Media Counter easy-download-media-counter allows Stored XSS.This issue affects Easy Download Media Counter: from n/a through = 1.2...
aide: improper output neutralization enables bypassing
A flaw was found in AIDE. This flaw allows an attacker to craft a malicious filename by including terminal escape sequences to hide the addition or removal of the file from the report and tamper with the log output. A local user may exploit this to bypass AIDE's detection of malicious files...
WordPress plugin Inspectlet User Session Recording and Heatmaps 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in...
CVE-2025-6948
Summary: CVE-2025-6948 affects GitLab CE/EE releases prior to 17.11.6, 18.0.4, and 18.1.2. The issue is due to improper handling of input that, under certain conditions, could allow an attacker to execute actions on behalf of users by injecting malicious content (a cross-site scripting scenario)....
CVE-2025-27361
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in thhake Photo Express for Google photo-express-for-google allows Reflected XSS.This issue affects Photo Express for Google: from n/a through = 0.3.2...
CVE-2025-31925 WordPress SHOUT plugin <= 3.5.3 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup SHOUT lbg-audio8-html5-radioads allows Reflected XSS.This issue affects SHOUT: from n/a through = 3.5.3...
CVE-2024-38866 Livestatus Injection in dynmaps
Improper neutralization of input in Nagvis before version 1.9.47 which can lead to livestatus injection...