100 matches found
EUVD-2025-33381
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the input fields in Model Devices that, when visited by another user, enables the attacker to execute commands with the...
Juniper Networks Junos Space 跨站脚本漏洞
Juniper Networks Junos Space is a suite of network management solutions from Juniper Networks, Inc. The solution supports automated configuration, monitoring, and troubleshooting of devices and services throughout their lifecycle. A cross-site scripting vulnerability exists in Juniper Networks...
EUVD-2021-9437
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in ABB EIBPORT V3 KNX, ABB EIBPORT V3 KNX GSM.This issue affects EIBPORT V3 KNX: before 3.9.2; EIBPORT V3 KNX GSM: before 3.9.2...
EUVD-2021-26943
Malware in sbrugna...
EUVD-2025-28119
Malicious code in bioql PyPI...
EUVD-2025-30719
Malicious code in bioql PyPI...
EUVD-2025-28152
Malicious code in bioql PyPI...
EUVD-2025-29710
Malicious code in bioql PyPI...
CVE-2025-0876 XSS in Isin Basi Advertisement & IT's Workif
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Isin Basi Advertisement Information Technologies Trade Inc. IT's Workif allows Cross-Site Scripting XSS. This issue affects IT's Workif: through 20251003. NOTE: The vendor was contacted earl...
CVE-2025-11146
Reflected Cross-site scripting XSS in Apt-Cacher-NG v3.2.1. The vulnerability allows an attacker to execute malicious scripts XSS in the web management application. The vulnerability is caused by improper handling of GET inputs included in the URL in “/acng-report.html”...
CVE-2025-58033
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in leeshadle Draft website-builder allows Stored XSS.This issue affects Draft: from n/a through = 3.0.9...
CVE-2025-59574
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Travel Engine WP Travel Engine wte-elementor-widgets allows Stored XSS.This issue affects WP Travel Engine: from n/a through = 1.4.2...
CVE-2025-57935
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ricky Dawn Bot Block - Stop Spam Referrals in Google Analytics bot-block-stop-spam-google-analytics-referrals allows Stored XSS.This issue affects Bot Block - Stop Spam Referrals in Google Analytic...
CVE-2025-6575
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Dolusoft Omaspot allows Reflected XSS.This issue affects Omaspot: before 12.09.2025...
CVE-2025-48103
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mulscully Today's Date Inserter todays-date-inserter allows Stored XSS.This issue affects Today's Date Inserter: from n/a through = 1.2.1...
PT-2025-36124
Name of the Vulnerable Software and Affected Versions: ARI Fancy Lightbox versions through 1.4.0 Description: The software contains an Improper Neutralization of Input During Web Page Generation vulnerability, specifically a Stored Cross-site Scripting XSS issue. This allows for the injection of...
CVE-2025-49056
CVE-2025-49056 affects the WordPress plugin 多说社会化评论框 (versions n/a through 1.2). The vulnerability is a Reflected Cross-Site Scripting (XSS) caused by improper neutralization of input during web page generation. The CVSS v3.1 vector is AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L with a base score of 7.1 ...
CVE-2024-30423
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BetterAddons Better Elementor Addons allows Stored XSS.This issue affects Better Elementor Addons: from n/a through 1.3.7...
CVE-2025-44880
A command injection vulnerability in the component /cgi-bin/adm.cgi of Wavlink WL-WN579A3 v1.0 allows attackers to execute arbitrary commands via a crafted input...
SambaBox 跨站脚本漏洞
SambaBox is a Samba-based file sharing server solution from SambaBox, Inc. A cross-site scripting vulnerability exists in SambaBox versions prior to 5.1, which stems from improper input neutralization during web page generation and could lead to cross-site scripting...