67 matches found
CVE-2025-13784
A weakness has been identified in yungifez Skuul School Management System up to 2.6.5. This vulnerability affects unknown code of the file /dashboard/schools/1/edit of the component SVG File Handler. This manipulation causes cross site scripting. The attack is possible to be carried out remotely...
EUVD-2025-199925
A weakness has been identified in yungifez Skuul School Management System up to 2.6.5. This vulnerability affects unknown code of the file /dashboard/schools/1/edit of the component SVG File Handler. This manipulation causes cross site scripting. The attack is possible to be carried out remotely...
GHSA-92X3-MFJP-J3H3 yungifez Skuul School Management System vulnerable to XSS via SVG
A weakness has been identified in yungifez Skuul School Management System up to 2.6.5. This vulnerability affects unknown code of the file /dashboard/schools/1/edit of the component SVG File Handler. This manipulation causes cross site scripting. The attack is possible to be carried out remotely...
CVE-2025-13784
A weakness has been identified in yungifez Skuul School Management System up to 2.6.5. This vulnerability affects unknown code of the file /dashboard/schools/1/edit of the component SVG File Handler. This manipulation causes cross site scripting. The attack is possible to be carried out remotely...
CVE-2025-13784
A weakness has been identified in yungifez Skuul School Management System up to 2.6.5. This vulnerability affects unknown code of the file /dashboard/schools/1/edit of the component SVG File Handler. This manipulation causes cross site scripting. The attack is possible to be carried out remotely...
CVE-2025-13784 yungifez Skuul School Management System SVG File edit cross site scripting
A weakness has been identified in yungifez Skuul School Management System up to 2.6.5. This vulnerability affects unknown code of the file /dashboard/schools/1/edit of the component SVG File Handler. This manipulation causes cross site scripting. The attack is possible to be carried out remotely...
CVE-2025-13784 yungifez Skuul School Management System SVG File edit cross site scripting
A weakness has been identified in yungifez Skuul School Management System up to 2.6.5. This vulnerability affects unknown code of the file /dashboard/schools/1/edit of the component SVG File Handler. This manipulation causes cross site scripting. The attack is possible to be carried out remotely...
CVE-2025-13784
CVE-2025-13784 affects yungifez Skuul School Management System up to version 2.6.5. The vulnerability lies in the SVG File Handler component, specifically in the /dashboard/schools/1/edit path, where manipulation enables cross-site scripting. The issue is exploitable remotely and exploits have be...
Cross-site Scripting (XSS)
novosga/novosga is vulnerable to Cross-site Scripting XSS. The vulnerability is due to improper sanitization of user-supplied input in the logoNavbar/logoLogin parameters within the /admin component’s SVG File Handler, which allows an attacker to inject and execute arbitrary web scripts remotely...
CVE-2025-11655
A security flaw has been discovered in Total.js Flow up to 673ef9144dd25d4f4fd4fdfda5af27f230198924. The impacted element is an unknown function of the component SVG File Handler. Performing manipulation results in unrestricted upload. The attack can be initiated remotely. The exploit has been...
CVE-2025-11655
A security flaw has been discovered in Total.js Flow up to 673ef9144dd25d4f4fd4fdfda5af27f230198924. The impacted element is an unknown function of the component SVG File Handler. Performing manipulation results in unrestricted upload. The attack can be initiated remotely. The exploit has been...
CVE-2025-11655 Total.js Flow SVG File unrestricted upload
A security flaw has been discovered in Total.js Flow up to 673ef9144dd25d4f4fd4fdfda5af27f230198924. The impacted element is an unknown function of the component SVG File Handler. Performing manipulation results in unrestricted upload. The attack can be initiated remotely. The exploit has been...
PT-2025-41744
Name of the Vulnerable Software and Affected Versions Total.js Flow versions prior to 673ef9144dd25d4f4fd4fdfda5af27f230198924 Description A security flaw exists in Total.js Flow related to the SVG File Handler component. Manipulation of this component can lead to unrestricted file upload, and th...
Total.js Flow 代码问题漏洞
Total.js Flow is an open source visualization into a tool by Total.js Platform. A code issue vulnerability exists in Total.js Flow, which stems from an unrestricted upload feature in the SVG File Handler component, which could lead to a remote attack...
EUVD-2025-31372
Malicious code in bioql PyPI...
EUVD-2025-31011
Malicious code in bioql PyPI...
EUVD-2021-34137
Malicious code in bioql PyPI...
EUVD-2025-10896
Malicious code in bioql PyPI...
CVE-2025-11027
A vulnerability was identified in givanz Vvveb up to 1.0.7.2. Affected by this issue is some unknown functionality of the component SVG File Handler. Such manipulation leads to cross site scripting. The attack may be launched remotely. The exploit is publicly available and might be used. Once aga...
CVE-2025-11027 givanz Vvveb SVG File cross site scripting
A vulnerability was identified in givanz Vvveb up to 1.0.7.2. Affected by this issue is some unknown functionality of the component SVG File Handler. Such manipulation leads to cross site scripting. The attack may be launched remotely. The exploit is publicly available and might be used. Once aga...