CVE-2025-8511 Portabilis i-Diario Observações diario-de-observacoes cross site scripting

A vulnerability classified as problematic was found in Portabilis i-Diario 1.5.0. This vulnerability affects unknown code of the file /diario-de-observacoes/ of the component Observações. The manipulation of the argument Descrição leads to cross site scripting. The attack can be initiated remotel...

CVE-2025-8509

A vulnerability was found in Portabilis i-Educar 2.9. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /intranet/educarservidorcad.php. The manipulation of the argument matricula leads to cross site scripting. The attack may be launched remotely...

CVE-2025-8509 Portabilis i-Educar educar_servidor_cad.php cross site scripting

A vulnerability was found in Portabilis i-Educar 2.9. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /intranet/educarservidorcad.php. The manipulation of the argument matricula leads to cross site scripting. The attack may be launched remotely...

CVE-2025-8501

A vulnerability classified as problematic has been found in code-projects Human Resource Integrated System 1.0. Affected is an unknown function of the file /insert-and-view/action.php. The manipulation of the argument content leads to cross site scripting. It is possible to launch the attack...

CVE-2025-8501

The CVE-2025-8501 entry concerns code-projects Human Resource Integrated System (HRIS) version 1.0. A vulnerability in the file /insert-and-view/action.php, arising from manipulation of the content parameter, enables Cross-Site Scripting (XSS). The issue is remotely exploitable and has publicly d...

CVE-2025-50866

CloudClassroom-PHP-Project 1.0 contains a reflected Cross-site Scripting XSS vulnerability in the email parameter of the postquerypublic endpoint. Improper sanitization allows an attacker to inject arbitrary JavaScript code that executes in the context of the user s browser, potentially leading t...

CVE-2025-8346

A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar 2.10. Affected by this issue is some unknown functionality of the file /educaralunolst.php. The manipulation of the argument refcodmatricula with the input " leads to cross site scripting. The attack may b...

WordPress Image Gallery plugin <= 1.0.0 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by muhammad yudha in WordPress Plugin Image Gallery versions = 1.0.0...

WordPress Custom Word Cloud plugin <= 0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via angle Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via angle Parameter vulnerability discovered by muhammad yudha in WordPress Plugin Custom Word Cloud versions = 0.3...

Microweber CMS 安全漏洞

Microweber CMS is a drag-and-drop website builder from Microweber Open Source. A security vulnerability exists in Microweber CMS version 2.0, which stems from reflected cross-site scripting in the layout parameter in the /admin/page/create page, which could lead to arbitrary JavaScript execution...

PT-2025-31655

Name of the Vulnerable Software and Affected Versions The Language Sloth Web Application version 1.0 Description A stored cross-site scripting XSS vulnerability exists in The Language Sloth Web Application. This allows attackers to execute arbitrary web scripts or HTML by injecting a crafted...

CVE-2025-37108 HPE Telco Service Activator, Protection Mechanism Failure

Cross-site scripting vulnerability has been identified in HPE Telco Service Activator product...

CVE-2025-41391

Stored cross-site scripting vulnerability exists in multiple versions of PowerCMS. If a product user accesses a malicious page, an arbitrary script may be executed on the browser...

CVE-2025-8370 Portabilis i-Educar educar_escolaridade_lst.php cross site scripting

A vulnerability, which was classified as problematic, was found in Portabilis i-Educar 2.9. Affected is an unknown function of the file /intranet/educarescolaridadelst.php. The manipulation of the argument descricao leads to cross site scripting. It is possible to launch the attack remotely. The...

CVE-2025-8368

A vulnerability classified as problematic was found in Portabilis i-Educar 2.9. This vulnerability affects unknown code of the file /intranet/pesquisapessoalst.php. The manipulation of the argument campobusca/cpf leads to cross site scripting. The attack can be initiated remotely. The exploit has...

CVE-2025-8369 Portabilis i-Educar educar_avaliacao_desempenho_lst.php cross site scripting

A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar 2.9. This issue affects some unknown processing of the file /intranet/educaravaliacaodesempenholst.php. The manipulation of the argument tituloavaliacao leads to cross site scripting. The attack may be...

CVE-2025-8369 Portabilis i-Educar educar_avaliacao_desempenho_lst.php cross site scripting

A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar 2.9. This issue affects some unknown processing of the file /intranet/educaravaliacaodesempenholst.php. The manipulation of the argument tituloavaliacao leads to cross site scripting. The attack may be...

CVE-2025-8368 Portabilis i-Educar pesquisa_pessoa_lst.php cross site scripting

A vulnerability classified as problematic was found in Portabilis i-Educar 2.9. This vulnerability affects unknown code of the file /intranet/pesquisapessoalst.php. The manipulation of the argument campobusca/cpf leads to cross site scripting. The attack can be initiated remotely. The exploit has...

CVE-2025-8346

Portabilis i-Educar 2.10 is affected. The vulnerability is a cross-site scripting flaw in educar_aluno_lst.php via the ref_cod_matricula parameter, exploitable remotely by injecting input like &gt;, with user interaction required. Remediation: update to a newer Portabilis i-Educar version and san...

CVE-2025-8346 Portabilis i-Educar educar_aluno_lst.php cross site scripting

A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar 2.10. Affected by this issue is some unknown functionality of the file /educaralunolst.php. The manipulation of the argument refcodmatricula with the input " leads to cross site scripting. The attack may b...