13 matches found
EUVD-2025-204095
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Schiocco Support Board supportboard allows Reflected XSS.This issue affects Support Board: from n/a through 3.8.7...
CVE-2025-60182
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Schiocco Support Board supportboard allows Reflected XSS.This issue affects Support Board: from n/a through 3.8.7...
PT-2025-52151
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Schiocco Support Board supportboard allows Reflected XSS.This issue affects Support Board: from n/a through 3.8.7...
EUVD-2025-25317
Malicious code in bioql PyPI...
EUVD-2025-25345
Malicious code in bioql PyPI...
CVE-2025-54027
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Schiocco Support Board supportboard allows Reflected XSS.This issue affects Support Board: from n/a through = 3.8.0...
CVE-2025-54031
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Schiocco Support Board supportboard allows PHP Local File Inclusion.This issue affects Support Board: from n/a through = 3.8.0...
CVE-2025-54027
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Schiocco Support Board supportboard allows Reflected XSS.This issue affects Support Board: from n/a through = 3.8.0...
CVE-2025-54031
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Schiocco Support Board supportboard allows PHP Local File Inclusion.This issue affects Support Board: from n/a through = 3.8.0...
CVE-2025-54027
CVE-2025-54027 is a reflected XSS in WordPress plugin Support Board (Schiocco) affecting versions up to 3.8.0. The issue arises from improper input neutralization during web page generation, enabling cross-site scripting reflections. CVSS base score is 7.1 (HIGH) with network attack vector, user ...
CVE-2025-54031
CVE-2025-54031 is a PHP Local File Inclusion in WordPress Support Board, caused by improper control of filename for include/require statements. Affected: Support Board versions through 3.8.0. Impact: PHP LFI leading to access to local files; CVSS metrics indicate HIGH severity. Remediation: a fix...
PT-2025-34005 · Unknown · Schiocco Support Board
Name of the Vulnerable Software and Affected Versions: Schiocco Support Board versions through 3.8.0 Description: Improper neutralization of input during web page generation allows reflected cross-site scripting XSS. Recommendations: Update Schiocco Support Board to a version later than 3.8.0...
PT-2025-34007 · Unknown · Schiocco Support Board
Name of the Vulnerable Software and Affected Versions: Schiocco Support Board versions through 3.8.0 Description: The software contains an improper control of filename for include/require statements, leading to a PHP local file inclusion issue. Recommendations: Versions prior to 3.8.0 are affecte...