4531 matches found
CVE-2022-42117
A Cross-site scripting XSS vulnerability in the Frontend Taglib module in Liferay Portal 7.3.2 through 7.4.3.16, and Liferay DXP 7.3 before update 6, and 7.4 before update 17 allows remote attackers to inject arbitrary web script or HTML...
CVE-2022-42114
A Cross-site scripting XSS vulnerability in the Role module's edit role assignees page in Liferay Portal 7.4.0 through 7.4.3.36, and Liferay DXP 7.4 before update 37 allows remote attackers to inject arbitrary web script or HTML...
CVE-2008-6278
Multiple cross-site scripting XSS vulnerabilities in product.php in RakhiSoftware Price Comparison Script aka Shopping Cart allow remote attackers to inject arbitrary web script or HTML via the 1 categoryid and 2 subcategoryid parameters...
CVE-2019-11398
Multiple cross-site scripting XSS vulnerabilities in UliCMS 2019.2 and 2019.1 allow remote attackers to inject arbitrary web script or HTML via the go parameter to admin/index.php, the go parameter to /admin/index.php?register=register, or the error parameter to admin/index.php?action=favicon...
CVE-2019-20375
A cross-site scripting XSS vulnerability in Electronic Logbook ELOG 3.1.4 allows remote attackers to inject arbitrary web script or HTML via the value parameter in a localization loc command to elogd.c...
CVE-2011-0286
Cross-site scripting XSS vulnerability in webdesktop/app in the BlackBerry Web Desktop Manager component in Research In Motion RIM BlackBerry Enterprise Server BES software before 5.0.2 MR5 and 5.0.3 before MR1, and BlackBerry Enterprise Server Express software 5.0.1 and 5.0.2, allows remote...
CVE-2025-23201
librenms is a community-based GPL-licensed network monitoring system. Affected versions are subject to Cross-site Scripting XSS on the parameters:/addhost - param: community. Librenms versions up to 24.10.1 allow remote attackers to inject malicious scripts. When a user views or interacts with th...
MAL-2026-128 Malicious code in lnatainstaller (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a613dbd371593bf6bcb7ae528a4d7d7dba2fedfc6670c8cb493bb5cbee18f734 Package is designed to download and execute a remote script, which then downloads and runs a malicious executable --- Category: MALICIOUS - The campaign has...
Malicious code in lnatainstaller (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a613dbd371593bf6bcb7ae528a4d7d7dba2fedfc6670c8cb493bb5cbee18f734 Package is designed to download and execute a remote script, which then downloads and runs a malicious executable --- Category: MALICIOUS - The campaign has...
CVE-2013-6019
Cross-site scripting XSS vulnerability in Tyler Technologies TaxWeb 3.13.3.1 allows remote attackers to inject arbitrary web script or HTML via the accountNum parameter to an unspecified component...
CVE-2019-16307
A Reflected Cross-Site Scripting XSS vulnerability in the webEx module in webExMeetingLogin.jsp and deleteWebExMeetingCheck.jsp in Fuji Xerox DocuShare through 7.0.0.C1.609 allows remote attackers to inject arbitrary web script or HTML via the handle parameter webExMeetingLogin.jsp and meetingKey...
Malicious code in pycolorom (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 6babcee81c12759b66be4c0a8ba33c3f0272b052a47fda31227f4a6087ba8e5b The package, distinguished as a speed testing or typosquatted Telegram library, contains a Telegram bot to perform remote control of the computer --- Category:...
MAL-2026-96 Malicious code in pycolorom (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 6babcee81c12759b66be4c0a8ba33c3f0272b052a47fda31227f4a6087ba8e5b The package, distinguished as a speed testing or typosquatted Telegram library, contains a Telegram bot to perform remote control of the computer --- Category:...
MAL-2026-53 Malicious code in gztensor-cli (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 6010189e23e54782200df770b6e40ed7e37284779c25f28cd145aadd9ee8b623 Package clones a legitimate library and adds a hidden code that downloads a malicious script. The script then downloads an archive with malicious executable in...
MAL-2026-42 Malicious code in pyrogrom (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ef643052c84683fba662eaded2786ba6fa993e69224608070ad949d4f3d0c3e4 The package, distinguished as a speed testing or typosquatted Telegram library, contains a Telegram bot to perform remote control of the computer --- Category:...
Malicious code in qdatainstaller (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e4ee574ced05e27b63477cb84af816e02ae259c67246f4f31ff63819e7e1048e Package is designed to download and execute a remote script, which then downloads and runs a malicious executable --- Category: MALICIOUS - The campaign has...
MAL-2026-27 Malicious code in qdatainstaller (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e4ee574ced05e27b63477cb84af816e02ae259c67246f4f31ff63819e7e1048e Package is designed to download and execute a remote script, which then downloads and runs a malicious executable --- Category: MALICIOUS - The campaign has...
MAL-2026-26 Malicious code in pdatainstaller (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 671a0098c14338197a26cb64b7f5c35c0e741f3151313fff784bc7a4862ad579 Package is designed to download and execute a remote script, but the script itself seems to be broken missing or wrong URLs. It's most probably a test before...
Malicious code in pdatainstaller (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 671a0098c14338197a26cb64b7f5c35c0e741f3151313fff784bc7a4862ad579 Package is designed to download and execute a remote script, but the script itself seems to be broken missing or wrong URLs. It's most probably a test before...
MAL-2025-193011 Malicious code in requeses (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 60e475750b95349319dcce7f69afe6399fe78c271b772c001f7a01df5e1e7bba Typosquatting package with a Telegram-bot with RAT-like functionality. The code has been changed a bit compared to the previous incarnations, but keeps the sam...