EUVD-2022-6088

Malicious code in bioql PyPI...

EUVD-2025-0046

Malicious code in bioql PyPI...

EUVD-2022-38723

Malicious code in bioql PyPI...

EUVD-2025-3977

Malicious code in bioql PyPI...

EUVD-2025-27709

Malicious code in bioql PyPI...

EUVD-2022-41334

Malicious code in bioql PyPI...

EUVD-2023-49927

Malicious code in bioql PyPI...

EUVD-2022-5871

Malicious code in bioql PyPI...

EUVD-2025-31300

Malicious code in bioql PyPI...

PT-2025-39547

Name of the Vulnerable Software and Affected Versions 8theme XStore versions through 9.5.3 Description The software contains a flaw related to improper handling of script-related HTML tags on a web page, potentially leading to code injection. This issue is identified as a Basic Cross-Site Scripti...

WordPress plugin XStore 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

WordPress plugin AWP Classifieds 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

Linux Distros Unpatched Vulnerability : CVE-2022-39371

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features,...

CVE-2025-54698

CVE-2025-54698 concerns the WordPress Classified Listing plugin (RadiusTheme Classified Listing) up to version 5.0.0, with a vulnerability described as improper neutralization of script-related HTML tags in web pages, enabling content injection that can lead to basic XSS/Code Injection. Connected...

CVE-2025-27358

CVE-2025-27358 is a Content Injection (XSS) vulnerability affecting the WordPress plugin “Frontend File Manager” up to version 23.2. The issue arises from improper neutralization of script-related HTML tags in the web page, enabling code injection. Public details in the initial data indicate affe...

CVE-2023-48763

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Crocoblock JetFormBuilder allows Code Injection.This issue affects JetFormBuilder: from n/a through 3.1.4...

CVE-2022-25238

Silverstripe silverstripe/framework through 4.10.0 allows XSS, inside of script tags that can can be added to website content via XHR by an authenticated CMS user if the cwp-core module is not installed on the sanitiseserverside contig is not set to true in project code...

CVE-2022-1087

A vulnerability, which was classified as problematic, has been found in htmly 5.3 whis affects the component Edit Profile Module. The manipulation of the field Title with script tags leads to persistent cross site scripting. The attack may be initiated remotely and requires an authentication. A...

CVE-2021-24218

The wpajaxsavefbesettings and wpajaxdeletefbesettings AJAX actions of the Facebook for WordPress plugin before 3.0.4 were vulnerable to CSRF due to a lack of nonce protection. The settings in the saveFbeSettings function had no sanitization allowing for script tags to be saved...

The vulnerability of the graphical interface of the Fortinet FortiPortal security analysis and management tool allows a attacker to execute arbitrary code.

The vulnerability of the Fortinet FortiPortal graphical interface for security analysis and management involves the failure to remove script-related HTML tags from web pages. Exploiting this vulnerability allows an attacker who operates remotely to execute arbitrary code...