3752 matches found

Tenable Nessus
added 2025/08/24 12:0 a.m. · 3 views

Linux Distros Unpatched Vulnerability : CVE-2016-4561

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting (XSS) vulnerability in the cgierror function in CGI.pm in ikiwiki before 3.20160506 might allow remote attackers to inject arbitrary web scri...

CVSS 6.1 · AI score 6.9 · EPSS 0.00296
Exploits: 0 · References: 2

Tenable Nessus
added 2025/08/24 12:0 a.m. · 3 views

Linux Distros Unpatched Vulnerability : CVE-2005-1308

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SqWebMail allows remote attackers to inject arbitrary web script or HTML via CRLF sequences in the redirect parameter followed by the desired script or HTML...

CVSS 7.5 · AI score 5.9 · EPSS 0.02941
Exploits: 0 · References: 2

Tenable Nessus
added 2025/08/21 12:0 a.m. · 5 views

Linux Distros Unpatched Vulnerability : CVE-2013-2022

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple cross-site scripting (XSS) vulnerabilities in actionscript/Jplayer.as in the Flash SWF component jplayer.swf in jPlayer before 2.2.23 allow remote...

CVSS 4.3 · AI score 5.5 · EPSS 0.08796
Exploits: 3 · References: 2

CNVD
added 2025/07/23 12:0 a.m. · 3 views

Online Banquet Booking System Cross-Site Scripting Vulnerability

Online Banquet Booking System is an online banquet booking system. A cross-site scripting vulnerability exists in Online Banquet Booking System, which originates from the failure to strictly filter the adminname parameter in the /admin/admin-profile.php file. An attacker can exploit this...

CVSS 5.4 · AI score 6.3 · EPSS 0.00218
Exploits: 1 · References: 1

CNNVD
added 2025/07/21 12:0 a.m. · 1 views

PHPGurukul Taxi Stand Management System Code Injection Vulnerability

Taxi Stand Management System is a cab stand management system. The Taxi Stand Management System suffers from a cross-site scripting vulnerability that originates from the adminname parameter in the /admin/admin-profile.php file not effectively filtering user input. An attacker can exploit this...

CVSS 5.4 · AI score 6.2 · EPSS 0.00157
Exploits: 1 · References: 5

RedhatCVE
added 2025/07/20 9:59 a.m. · 6 views

CVE-2025-50056

A reflected XSS vulnerability in RSMail! component 1.19.20 - 1.22.26 28 Joomla was discovered. The issue allows remote attackers to inject arbitrary web script or HTML via the crafted parameter...

CVSS 5.1 · AI score 6.1 · EPSS 0.00826
Exploits: 0 · References: 1

NVD
added 2025/07/18 10:15 a.m. · 3 views

CVE-2025-50056

A reflected XSS vulnerability in RSMail! component 1.19.20 - 1.22.26 28 Joomla was discovered. The issue allows remote attackers to inject arbitrary web script or HTML via the crafted parameter...

CVSS 5.1 · EPSS 0.00826
Exploits: 0 · References: 1

CVE
added 2025/07/18 9:51 a.m. · 19 views

CVE-2025-50126

CVE-2025-50126 describes a stored XSS vulnerability in RSBlog! for Joomla, affecting versions 1.11.6–1.14.5. The issue arises from improper handling of the jform[tags_text] parameter, allowing remote authenticated users to inject arbitrary web script or HTML. Multiple connected sources corroborat...

CVSS 5.3 · AI score 5.2 · EPSS 0.00639
Exploits: 0 · References: 1

Vulnrichment
added 2025/07/18 9:51 a.m. · 7 views

CVE-2025-50056 Extension - rsjoomla.com - Reflected XSS vulnerability RSMail! component 1.19.20-1.22.28 for Joomla

A reflected XSS vulnerability in RSMail! component 1.19.20 - 1.22.26 28 Joomla was discovered. The issue allows remote attackers to inject arbitrary web script or HTML via the crafted parameter...

CVSS 5.1 · AI score 5.7 · EPSS 0.00826
Exploits: 0 · References: 1

Positive Technologies
added 2025/07/18 12:0 a.m. · 1 views

PT-2025-30024 · Rsjoomla · Rsmail!

Name of the Vulnerable Software and Affected Versions: RSMail! versions 1.19.20 through 1.22.26
Description: A reflected cross-site scripting (XSS) issue exists in the RSMail! component for Joomla. The issue allows remote attackers to inject arbitrary web script or HTML via a manipulated parameter...

CVSS 5.1 · AI score 5.3 · EPSS 0.00826
Exploits: 0 · References: 6

NVD
added 2025/07/16 4:15 p.m. · 3 views

CVE-2025-53926

Emlog is an open source website building system. A cross-site scripting (XSS) vulnerability in emlog up to and including pro-2.5.17 allows remote attackers to inject arbitrary web script or HTML via the comment and comname parameters. Reflected XSS requires the victim to send POST requests, therefo...

CVSS 6.1 · EPSS 0.00168
Exploits: 1 · References: 1

Cvelist
added 2025/07/16 3:37 p.m. · 5 views

CVE-2025-53926 Emlog has Stored Cross-site Scripting vulnerability due to error

Emlog is an open source website building system. A cross-site scripting (XSS) vulnerability in emlog up to and including pro-2.5.17 allows remote attackers to inject arbitrary web script or HTML via the comment and comname parameters. Reflected XSS requires the victim to send POST requests, therefo...

CVSS 6.1 · EPSS 0.00168
Exploits: 1 · References: 1

CNNVD
added 2025/07/16 12:0 a.m. · 1 views

emlog Security Vulnerability

emlog is an open-source CMS website builder based on PHP and MySQL. A security vulnerability exists in emlog pro-2.5.17 and earlier versions; it stems from insufficient sanitization of the keyword parameter and could allow a remote attacker to inject arbitrary Web scripts...

CVSS 8.2 · AI score 6.7 · EPSS 0.00196
Exploits: 1 · References: 1

Positive Technologies
added 2025/07/16 12:0 a.m. · 3 views

PT-2025-29838 · Emlog · Emlog

Name of the Vulnerable Software and Affected Versions: Emlog versions through 2.5.17
Description: Emlog is a website building system. A cross-site scripting (XSS) issue exists in versions up to and including 2.5.17, allowing remote attackers to inject arbitrary web script or HTML via the comment an...

CVSS 6.1 · AI score 5 · EPSS 0.00168
Exploits: 1 · References: 7

NVD
added 2025/07/10 7:15 p.m. · 3 views

CVE-2025-28245

Cross-site scripting (XSS) vulnerability in Alteryx Server 2023.1.1.460 allows remote attackers to inject arbitrary web script or HTML via the notification body...

CVSS 6.1 · EPSS 0.00174
Exploits: 1 · References: 2

BDU FSTEC
added 2025/07/07 12:0 a.m. · 1 views

The vulnerability of the General HTML Support function (GHS) and the HTML embed panel in the Block Toolbar of the CKEditor editor allows attackers to execute XSS attacks.

The vulnerability of the General HTML Support function and the HTML embed panel in the Block Toolbar WYSIWYG-editor CKEditor is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability may allow a malicious actor to carry out XSS attacks remotely...

CVSS 6.4 · AI score 7.1 · EPSS 0.0038
Exploits: 0 · References: 7 · Affected Software: 1

RedhatCVE
added 2025/06/27 12:16 a.m. · 6 views

CVE-2025-25905

Cross-Site Scripting (XSS) vulnerability in CADClick v1.13.0 and before allows remote attackers to inject arbitrary web script or HTML via the "tree" parameter...

CVSS 7.1 · AI score 5.6 · EPSS 0.00262
Exploits: 1 · References: 1

RedhatCVE
added 2025/05/23 11:38 a.m. · 7 views

CVE-2025-23200

librenms is a community-based GPL-licensed network monitoring system. Affected versions are subject to a stored XSS on the parameter: ajaxform.php - param: state. Librenms versions up to 24.10.1 allow remote attackers to inject malicious scripts. When a user views or interacts with the page...

CVSS 5.4 · AI score 5.8 · EPSS 0.0562
Exploits: 1 · References: 1

RedhatCVE
added 2025/05/23 10:39 a.m. · 9 views

CVE-2024-47854

An XSS vulnerability was discovered in Veritas Data Insight before 7.1. It allows a remote attacker to inject an arbitrary web script into an HTTP request that could reflect back to an authenticated user without sanitization if executed by that user...

CVSS 6.1 · AI score 6 · EPSS 0.04093
Exploits: 1 · References: 1

RedhatCVE
added 2025/05/23 9:28 a.m. · 3 views

CVE-2024-30848

Cross-site scripting (XSS) vulnerability in SilverSky E-mail service version 5.0.3126 allows remote attackers to inject arbitrary web script or HTML via the version parameter...

CVSS 6.1 · AI score 6 · EPSS 0.00103
Exploits: 0 · References: 1