46 matches found
CVE-2026-23725
WeGIA stores XSS in the Adopters Information page (html/pet/adotantes/cadastro_adotante.php and html/pet/adotantes/informacao_adotantes.php) where user input is rendered without sanitization, enabling persistent JavaScript execution for visitors. This vulnerability affects pre-3.6.2 versions and ...
EUVD-2017-6833
Malware in sbrugna...
EUVD-2025-25462
Malicious code in bioql PyPI...
CVE-2025-9720
A vulnerability was detected in Portabilis i-Educar up to 2.10. Impacted is an unknown function of the file /module/TabelaArredondamento/edit of the component Cadastrar tabela de arredondamento Page. The manipulation of the argument Nome results in cross site scripting. The attack may be performe...
CVE-2025-9720
A vulnerability was detected in Portabilis i-Educar up to 2.10. Impacted is an unknown function of the file /module/TabelaArredondamento/edit of the component Cadastrar tabela de arredondamento Page. The manipulation of the argument Nome results in cross site scripting. The attack may be performe...
CVE-2025-9720 Portabilis i-Educar Cadastrar tabela de arredondamento edit cross site scripting
A vulnerability was detected in Portabilis i-Educar up to 2.10. Impacted is an unknown function of the file /module/TabelaArredondamento/edit of the component Cadastrar tabela de arredondamento Page. The manipulation of the argument Nome results in cross site scripting. The attack may be performe...
Portábilis i-Educar 安全漏洞
Portábilis i-Educar is an application from Portábilis. It can easily help you in basic and technical education. A security vulnerability exists in Portábilis i-Educar version 2.10 and earlier, which stems from cross-site scripting due to incorrect manipulation of the parameter Nome in the file...
Portábilis i-Educar 安全漏洞
Portábilis i-Educar is an application from Portábilis. It can easily help you in basic and technical education. A security vulnerability exists in Portábilis i-Educar version 2.10 and earlier, which stems from cross-site scripting due to incorrect manipulation of the parameter nome/formulaMedia i...
PT-2025-35394
Name of the Vulnerable Software and Affected Versions: Portabilis i-Educar versions up to 2.10 Description: A cross-site scripting issue exists in Portabilis i-Educar. The issue is related to the manipulation of the Nome argument within an unknown function of the /module/TabelaArredondamento/edit...
CVE-2025-57762
WeGIA is a Web manager for charitable institutions. Prior to 3.4.7, there is a Stored Cross-Site Scripting XSS vulnerability in the dependentedocdependente.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into the nome parameter. The injected...
CVE-2025-57762
WeGIA is a Web manager for charitable institutions. Prior to 3.4.7, there is a Stored Cross-Site Scripting XSS vulnerability in the dependentedocdependente.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into the nome parameter. The injected...
CVE-2025-57762 WeGIA Stored Cross-Site Scripting (XSS) vulnerability in the endpoint 'dependente_docdependente.php' with parameter 'nome'
WeGIA is a Web manager for charitable institutions. Prior to 3.4.7, there is a Stored Cross-Site Scripting XSS vulnerability in the dependentedocdependente.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into the nome parameter. The injected...
CVE-2025-57762
CVE-2025-57762 : WeGIA, a web manager for charitable institutions, is vulnerable to a Stored Cross-Site Scripting (XSS) in the endpoint dependente_docdependente.php via the nome parameter. The vulnerability is triggered when untrusted input is stored on the server and later executed automatically...
CVE-2025-57762 WeGIA Stored Cross-Site Scripting (XSS) vulnerability in the endpoint 'dependente_docdependente.php' with parameter 'nome'
WeGIA is a Web manager for charitable institutions. Prior to 3.4.7, there is a Stored Cross-Site Scripting XSS vulnerability in the dependentedocdependente.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into the nome parameter. The injected...
WeGIA 安全漏洞
WeGIA is a web manager for welfare organizations by the individual developer Nilson Lazarin. A security vulnerability exists in WeGIA versions prior to 3.4.7, which stems from the presence of stored cross-site scripting in the nome parameter in the dependentedocdependente.php endpoint, which coul...
CVE-2025-8784
A vulnerability classified as problematic was found in Portabilis i-Educar up to 2.9. This vulnerability affects unknown code of the file /intranet/funcionariovinculocad.php of the component Cadastrar Vínculo Page. The manipulation of the argument nome leads to cross site scripting. The attack ca...
CVE-2025-8784
A vulnerability classified as problematic was found in Portabilis i-Educar up to 2.9. This vulnerability affects unknown code of the file /intranet/funcionariovinculocad.php of the component Cadastrar Vínculo Page. The manipulation of the argument nome leads to cross site scripting. The attack ca...
CVE-2025-8784 Portabilis i-Educar Cadastrar Vínculo funcionario_vinculo_cad.php cross site scripting
A vulnerability classified as problematic was found in Portabilis i-Educar up to 2.9. This vulnerability affects unknown code of the file /intranet/funcionariovinculocad.php of the component Cadastrar Vínculo Page. The manipulation of the argument nome leads to cross site scripting. The attack ca...
CVE-2025-8784 Portabilis i-Educar Cadastrar Vínculo funcionario_vinculo_cad.php cross site scripting
A vulnerability classified as problematic was found in Portabilis i-Educar up to 2.9. This vulnerability affects unknown code of the file /intranet/funcionariovinculocad.php of the component Cadastrar Vínculo Page. The manipulation of the argument nome leads to cross site scripting. The attack ca...
CVE-2025-8784
Portabilis i-Educar (up to 2.9) is affected by a cross-site scripting vulnerability in the Cadastrar Vínculo Page, due to manipulation of the nome parameter in /intranet/funcionario_vinculo_cad.php. The issue can be exploited remotely, and public disclosures exist. Remediation: upgrade to a newer...