1275 matches found
EUVD-2026-27017
PPTAgent: Arbitrary File Write via savegeneratedslides...
GeoVision LPC2011和GeoVision LPC2211 跨站脚本漏洞
Both GeoVision LPC2011 and GeoVision LPC2211 are network monitoring devices produced by the Chinese company GeoVision. Version 1.10 of GeoVision LPC2011 and GeoVision LPC2211 contain a cross-site scripting vulnerability. This vulnerability stems from the ssi.cgi function in the Web Interface, whi...
GeoVision LPC2011和GeoVision LPC2211 跨站脚本漏洞
Both GeoVision LPC2011 and GeoVision LPC2211 are network monitoring control devices produced by the Chinese company GeoVision. Version 1.10 of GeoVision LPC2011 and GeoVision LPC2211 contains a cross-site scripting vulnerability. This vulnerability stems from multiple reflective cross-site script...
PT-2026-36858
Name of the Vulnerable Software and Affected Versions PPTAgent versions prior to commit 418491a Description An arbitrary file write issue exists in this agentic framework for reflective PowerPoint generation. The flaw occurs through the save generated slides function. Recommendations Update to...
WordPress多款产品 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added t...
WSO2 Identity Server 跨站脚本漏洞
WSO2 Identity Server is an identity authentication server developed by the American company WSO2. WSO2 Identity Server has a cross-site scripting vulnerability. This vulnerability arises from the fact that the authentication endpoint accepts user input without enforcing the expected verification...
xss
CSS Style Sheet Mutation alert"This is a test" alert"...
Silverpeas Core 跨站脚本漏洞
Silverpeas Core is an open-source project developed by Silverpeas, used for building and running collaborative and social web portals. Versions of Silverpeas Core prior to 6.4.6 contained a cross-site scripting vulnerability. This vulnerability stemmed from the AdvancedSearch feature having...
Semantic MediaWiki 跨站脚本漏洞
Semantic MediaWiki is an open-source extension of Semantic MediaWiki that stores and queries data within wiki pages. Semantic MediaWiki has a cross-site scripting vulnerability. This vulnerability stems from the endpoint parameters in /index.php/Speciaal:GefacetteerdZoeken, which allow for...
Adobe Connect 跨站脚本漏洞
Adobe Connect is a software developed by Adobe, a company based in America, used to create meeting environments. The Adobe Connect version 2025.3, along with versions 12.10 and earlier, contained a cross-site scripting vulnerability. This vulnerability stemmed from a reflective cross-site scripti...
Joomla VirtueMart Shopping-Cart 跨站脚本漏洞
Joomla VirtueMart Shopping-Cart is an open-source e-commerce shopping cart and online store management extension for VirtueMart. Version 4.0.12 of Joomla VirtueMart Shopping-Cart contains a cross-site scripting vulnerability, which stems from improper handling of the keyword parameter. This...
Joomla JLex Review 跨站脚本漏洞
Joomla JLex Review is an open-source user comment and rating management extension developed by JLxeArt. Version 6.0.1 of Joomla JLex Review contains a cross-site scripting vulnerability, which stems from improper handling of the reviewid parameter. This vulnerability may lead to reflective...
Clickedu 跨站脚本漏洞
Clickedu is an academic management platform operated by Clickedu Corporation. Clickedu has a cross-site scripting vulnerability. This vulnerability stems from a reflective cross-site scripting flaw in the endpoint/user.php file. It may allow attackers to execute JavaScript code in the victim’s...
CVE-2026-33911
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, the POST parameter title is reflected back in a JSON response built with jsonencode. Because the response is served with a text/html Content-Type, the browser...
Support Board 跨站脚本漏洞
Support Board is a sales chat software developed by the British company Support Board. Version 3.7.7 of Support Board contains a cross-site scripting vulnerability, which stems from incorrect handling of the parameter 'search' in the file /supportboard/include/articles.php. This vulnerability may...
WordPress plugin Reebox 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There wa...
WordPress plugin Boutique 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There wa...
WeGIA 跨站脚本漏洞
WeGIA is a network manager for the welfare institution developed by Nilson Lazarin. Versions of WeGIA 3.6.6 and earlier contained a cross-site scripting vulnerability. This vulnerability stemmed from a reflective cross-site scripting vulnerability in the listarmemorandosativos.php endpoint, which...
Gainsight Assist 安全漏洞
Gainsight Assist is a customer communication template management tool developed by Gainsight Inc. There is a security vulnerability in Gainsight Assist, which stems from improper handling of the errordescription parameter. This vulnerability may lead to reflective cross-site scripting attacks...
LASS 跨站脚本漏洞
LASS is an open-source environmental monitoring sensor network system developed by LinkItONEDevGroup. Versions of LASS starting from f06bd20 and earlier have a cross-site scripting vulnerability. This vulnerability stems from the PM25.php file, which contains a reflective cross-site scripting...