CVE-2026-48597

creationtimestamp| type| source ---|---|--- 2026-06-02 20:46:17+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mndhnkma2l2j 2026-06-02 20:46:17+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mndhnkma2l2j...

CVE-2026-7312

creationtimestamp| type| source ---|---|--- 2026-06-02 18:01:35+00:00| seen| https://bsky.app/profile/hugovalters.bsky.social/post/3mnd6h2hiip2w 2026-06-03 02:00:40+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mndz7plsio22 2026-06-04 14:37:07+00:00| seen|...

CVE-2018-25382

Zechat 1.5 contains an SQL injection in the uname parameter that allows unauthenticated attackers to extract database information by injecting SQL through profile.php. The described payloads use UNION-based injections to enumerate table names, column names, and sensitive data from information_sch...

PT-2026-44860

Zechat 1.5 contains an SQL injection vulnerability that allows unauthenticated attackers to extract database information by injecting SQL code through the uname parameter. Attackers can send crafted requests to profile.php with UNION-based SQL injection payloads to retrieve table names, column...

CVE-2024-47097

creationtimestamp| type| source ---|---|--- 2026-05-28 11:58:19+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmvxsm7e2o2e...

CVE-2026-42197

RELATE is a web-based courseware package. Versions prior to commit 555f0efb1c5bd7531c07cd73724d7e566a81f620 have a stored cross-site scripting vulnerability that allows any enrolled student to execute arbitrary JavaScript in an administrator's browser session, potentially leading to full admin...

EUVD-2026-32627

RELATE is a web-based courseware package. Versions prior to commit 555f0efb1c5bd7531c07cd73724d7e566a81f620 have a stored cross-site scripting vulnerability that allows any enrolled student to execute arbitrary JavaScript in an administrator's browser session, potentially leading to full admin...

CVE-2026-42197 RELATE Vulnerable to Stored XSS via Unprivileged User Profile

RELATE is a web-based courseware package. Versions prior to commit 555f0efb1c5bd7531c07cd73724d7e566a81f620 have a stored cross-site scripting vulnerability that allows any enrolled student to execute arbitrary JavaScript in an administrator's browser session, potentially leading to full admin...

PT-2026-44073

RELATE is a web-based courseware package. Versions prior to commit 555f0efb1c5bd7531c07cd73724d7e566a81f620 have a stored cross-site scripting vulnerability that allows any enrolled student to execute arbitrary JavaScript in an administrator's browser session, potentially leading to full admin...

CVE-2018-25343

Technical details for CVE-2018-25343 are not publicly available in the provided documents. Monitor for updates.

CVE-2026-45228

creationtimestamp| type| source ---|---|--- 2026-05-14 01:10:52+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlrn4aysf72e...

Liberapay: Liberapay member team twitter account broken Link Hijacking via Expired Twitter Account Link

The profile of a Liberapay team member contained a link to an expired Twitter account, creating a broken link hijacking vulnerability. The expired Twitter account link was displayed on the member's Liberapay profile and donation page, falsely confirming to donors that the account was legitimate a...

EUVD-2026-28392

A Cross-Site Scripting XSS vulnerability was found in PHPGurukal Hospital Management System v4.0 in the /hospital/hms/edit-profile.php page. This flaw allows an authenticated attacker patient to inject a malicious script payload into the User Name parameter, which is stored in the application and...

CVE-2026-36388

A Cross-Site Scripting XSS vulnerability was found in PHPGurukal Hospital Management System v4.0 in the /hospital/hms/edit-profile.php page. This flaw allows an authenticated attacker patient to inject a malicious script payload into the User Name parameter, which is stored in the application and...

CVE-2026-36388

A Cross-Site Scripting XSS vulnerability was found in PHPGurukal Hospital Management System v4.0 in the /hospital/hms/edit-profile.php page. This flaw allows an authenticated attacker patient to inject a malicious script payload into the User Name parameter, which is stored in the application and...

PHPGurukul Hospital Management System 跨站脚本漏洞

PHPGurukul Hospital Management System is a hospital management system developed by PHPGurukul company, based on PHP and MySQL technologies. The PHPGurukul Hospital Management System v4.0 version has a cross-site scripting vulnerability. This vulnerability stems from the...

PT-2026-38450

A Cross-Site Scripting XSS vulnerability was found in PHPGurukal Hospital Management System v4.0 in the /hospital/hms/edit-profile.php page. This flaw allows an authenticated attacker patient to inject a malicious script payload into the User Name parameter, which is stored in the application and...

CVE-2026-36388

A Cross-Site Scripting XSS vulnerability was found in PHPGurukal Hospital Management System v4.0 in the /hospital/hms/edit-profile.php page. This flaw allows an authenticated attacker patient to inject a malicious script payload into the User Name parameter, which is stored in the application and...

CVE-2026-36388

A Cross-Site Scripting XSS vulnerability was found in PHPGurukal Hospital Management System v4.0 in the /hospital/hms/edit-profile.php page. This flaw allows an authenticated attacker patient to inject a malicious script payload into the User Name parameter, which is stored in the application and...

CVE-2018-25261

creationtimestamp| type| source ---|---|--- 2026-04-22 16:26:09+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mk3vyiwriq2p 2026-04-22 19:13:32+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mk47dxvtxa25 2026-05-28 19:37:07+00:00| seen|...