WP Recipe Maker <= 9.1.0 - Reflected XSS via Referer Header

The WP Recipe Maker plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'Referer' header in all versions up to, and including, 9.1.0 due to insufficient input sanitization and output escaping. The Referer header value is used directly in the href attribute of the "Back"...

CVE-2020-36996

PHPFusion 9.03.50 contains a persistent cross-site scripting vulnerability in the print.php page that fails to properly sanitize user-submitted message content. Attackers can inject malicious JavaScript through forum messages that will execute when the print page is generated, allowing script...

EUVD-2020-30963

PHPFusion 9.03.50 contains a persistent cross-site scripting vulnerability in the print.php page that fails to properly sanitize user-submitted message content. Attackers can inject malicious JavaScript through forum messages that will execute when the print page is generated, allowing script...

CVE-2020-36996 PHPFusion 9.03.50 - Persistent Cross-Site Scripting

PHPFusion 9.03.50 contains a persistent cross-site scripting vulnerability in the print.php page that fails to properly sanitize user-submitted message content. Attackers can inject malicious JavaScript through forum messages that will execute when the print page is generated, allowing script...

CVE-2020-36996 PHPFusion 9.03.50 - Persistent Cross-Site Scripting

PHPFusion 9.03.50 contains a persistent cross-site scripting vulnerability in the print.php page that fails to properly sanitize user-submitted message content. Attackers can inject malicious JavaScript through forum messages that will execute when the print page is generated, allowing script...

CVE-2020-36996

CVE-2020-36996 affects PHPFusion 9.03.50. The vulnerability is a persistent cross-site scripting flaw in the print.php page that fails to sanitize user-submitted forum messages. An attacker can inject JavaScript through forum content, which then executes when the print page is generated, enabling...

PHPFusion cross-site scripting vulnerabilities

PHPFusion is an open-source, lightweight content management system developed by Malaysia-based PHPFusion Company, based on MySQL and PHP. This system includes modules for news, articles, and forums. Version PHPFusion 9.03.50 contains a cross-site scripting vulnerability. This vulnerability arises...

PT-2026-5412

PHPFusion 9.03.50 contains a persistent cross-site scripting vulnerability in the print.php page that fails to properly sanitize user-submitted message content. Attackers can inject malicious JavaScript through forum messages that will execute when the print page is generated, allowing script...

MiracleLinux 8 : ghostscript-9.27-12.el8 (AXSA:2024-8321:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8321:01 advisory. ghostscript: Divide by zero in epsprintpage in gdevepsn.c CVE-2020-21710 Tenable has extracted the preceding description block directly from the MiracleLinux...

EUVD-2025-201654

A vulnerability was identified in tushar-2223 Hotel-Management-System up to bb1f3b3666124b888f1e4bcf51b6fba9fbb01d15. The impacted element is an unknown function of the file /admin/invoiceprint.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack...

EUVD-2024-28359

Malicious code in bioql PyPI...

EUVD-2025-30826

Malicious code in bioql PyPI...

PT-2025-39116

Name of the Vulnerable Software and Affected Versions SourceCodester Pet Grooming Management Software version 1.0 Description A security flaw exists in SourceCodester Pet Grooming Management Software version 1.0. The issue involves SQL injection stemming from manipulation of the ID argument withi...

CVE-2024-30438

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bPlugins Print Page block allows Stored XSS.This issue affects Print Page block: from n/a through 1.0.8...

CVE-2025-4713

A vulnerability was found in Campcodes Sales and Inventory System 1.0 and classified as critical. This issue affects some unknown processing of the file /pages/print.php. The manipulation of the argument sid leads to sql injection. The attack may be initiated remotely. The exploit has been...

CampCodes Sales and Inventory System 注入漏洞

CampCodes Sales and Inventory System is a sales and inventory system from CampCodes, Inc. An injection vulnerability exists in version 1.0 of the CampCodes Sales and Inventory System, which originates from a SQL injection due to incorrect manipulation of the parameter sid in the file...

CVE-2025-4243

A vulnerability, which was classified as critical, has been found in code-projects Online Bus Reservation System 1.0. Affected by this issue is some unknown functionality of the file /print.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The...

Unspecified Vulnerability in CMSimple (CNVD-2026-00537)

CMSimple is a free content management system. An unspecified vulnerability exists in CMSimple, which can be exploited by an attacker to edit the log.php file via the print page...

CVE-2024-57548

CMSimple 5.16 allows the user to edit log.php file via print page...

CMSimple 安全漏洞

CMSimple is a free content management system from CMSimple open source. A security vulnerability exists in CMSimple version 5.16 that originates from allowing a user to edit the log.php file via the print page...