Comodo Dome Firewall 跨站脚本漏洞

Comodo Dome Firewall is a unified threat management and next-generation firewall provided by the Chinese company Comodo. Version 2.7.0 of Comodo Dome Firewall contains a cross-site scripting vulnerability. This vulnerability stems from reflective cross-site scripts present in antispyware endpoint...

WordPress plugin Download Manager 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension that can ...

IPFire 跨站脚本漏洞

IPFire is an open-source Linux distribution developed by the IPFire organization. It is primarily used as a router and firewall. IPFire has a cross-site scripting vulnerability, which stems from insufficient validation of parameters such as HOSTNAME, IP, SUBNET, NETREMARK, HOSTREMARK, newhost,...

Smoothwall Express 跨站脚本漏洞

Smoothwall Express is an open-source firewall operating system based on GNU/Linux, developed by Smoothwall. Version 3.1-SP4-polar-x8664-update9 of Smoothwall Express contains a cross-site scripting vulnerability. This vulnerability stems from multiple reflective cross-site scripting vulnerabiliti...

Dassault Systèmes ENOVIAvpm Web Access 安全漏洞

Dassault Systèmes ENOVIAvpm Web Access is a product lifecycle management system developed by Dassault Systèmes, a French company. Dassault Systèmes ENOVIAvpm Web Access has a security vulnerability that stems from reflective cross-site scripting. This vulnerability could allow attackers to execut...

WordPress plugin Address Bar Ads 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

MiniGal Nano 跨站脚本漏洞

MiniGal Nano is a PHP album program developed by Rybber’s individual developer. Versions of MiniGal Nano prior to 0.3.5 contained a cross-site scripting vulnerability. This vulnerability stemmed from the dir parameter in the index.php file, which allowed for reflective cross-site scripting,...

Silicon Labs Simplicity Device Manager Tool 安全漏洞

The Silicon Labs Simplicity Device Manager Tool is a hardware enumeration, configuration, and fault-diagnosis tool developed by Silicon Labs, Inc. The tool has a security vulnerability caused by reflective cross-site scripting in multiple API endpoints. This vulnerability could allow attackers to...

CVE-2025-71179

Creativeitem Academy LMS 7.0 contains reflected Cross-Site Scripting XSS vulnerabilities via the search parameter to the /academy/blogs endpoint, and the string parameter to the /academy/coursebundles/search/query endpoint. These vulnerabilities are distinct from the patch for CVE-2023-4119, whic...

CVE-2025-67855

A flaw was found in mooodle. A remote attacker could exploit a reflected Cross-Site Scripting XSS vulnerability in the policy tool return URL. This vulnerability arises from insufficient sanitization of URL parameters, allowing attackers to inject malicious scripts through specially crafted links...

Creativeitem Academy LMS 安全漏洞

Creativeitem Academy LMS is an online learning management system provided by the Bangladeshi company Creativeitem. Version 7.0 of Creativeitem Academy LMS contains a security vulnerability. This vulnerability stems from insufficient validation of the string parameters in the /academy/blogs endpoi...

FacturaScripts 跨站脚本漏洞

FacturaScripts is an open-source ERP software developed by Carlos Garcia, a Spanish developer. Versions of FacturaScripts prior to 2025.8 contained a cross-site scripting vulnerability. This vulnerability stemmed from the use of raw filters during error message display, which allowed for skipping...

Affiliate Pro 跨站脚本漏洞

Affiliate Pro is an alliance management system developed by JD Web Designer individuals. Version 1.7 of Affiliate Pro contains a cross-site scripting vulnerability. This vulnerability stems from multiple reflective cross-site scripting vulnerabilities in the input fields of the indexing module,...

ShellExploit

This project is no longer supported PowerSploit is a col...

WordPress plugin Vzaar Media Management has a cross-site scripting vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

WellChoose Single Sign-On Portal System Cross-Site Script Vulnerabilities

WellChoose Single Sign-On Portal System is a single-sign-on portal system developed by WellChoose, a company based in Taiwan, China. The WellChoose Single Sign-On Portal System has a cross-site scripting vulnerability. This vulnerability stems from the presence of reflective cross-site scripts,...

WordPress plugin Grand Spa has a cross-site scripting vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

WordPress plugin flexo-posts-manager has cross-site scripting vulnerabilities

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

WordPress plugin Netgsm has a cross-site scripting vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. WordPress...

WordPress plugin Hoteller has a cross-site scripting vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...