CVE-2025-45286

A cross-site scripting XSS vulnerability in mccutchen httpbin v2.17.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

CVE-2021-47747

meterN 1.2.3 contains an authenticated remote code execution vulnerability in adminmeter2.php and adminindicator2.php scripts. Attackers can exploit the 'COMMANDx' and 'LIVECOMMANDx' POST parameters to execute arbitrary system commands with administrative privileges...

PT-2026-20853

Name of the Vulnerable Software and Affected Versions SPIP versions prior to 4.4.8 Description The application does not properly handle iframe content in the private area, allowing an attacker to inject and execute malicious scripts through iframe tags. The issue occurs because the application do...

PT-2026-21575

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 145.0.7632.116 Description A flaw exists in Google Chrome's DevTools due to an inappropriate implementation. An attacker could potentially convince a user to install a malicious extension. This would allow the...

PT-2026-1023

Name of the Vulnerable Software and Affected Versions Signal K Server versions prior to 2.19.0 Description Signal K Server is a server application used in marine environments. Versions prior to 2.19.0 of the appstore interface allow administrators to install npm packages through a REST API...

CVE-2021-47747

meterN 1.2.3 contains an authenticated remote code execution vulnerability in adminmeter2.php and adminindicator2.php scripts. Attackers can exploit the 'COMMANDx' and 'LIVECOMMANDx' POST parameters to execute arbitrary system commands with administrative privileges...

CVE-2021-47747 meterN 1.2.3 Authenticated Remote Code Execution via Admin Scripts

meterN 1.2.3 contains an authenticated remote code execution vulnerability in adminmeter2.php and adminindicator2.php scripts. Attackers can exploit the 'COMMANDx' and 'LIVECOMMANDx' POST parameters to execute arbitrary system commands with administrative privileges...

CVE-2021-47747

CVE-2021-47747 affects meterN 1.2.3 and describes an authenticated remote code execution vulnerability in admin_meter2.php and admin_indicator2.php. The issue allows an attacker to submit POST parameters COMMANDx and LIVECOMMANDx to execute arbitrary system commands with administrative privileges...

Malicious code in pyrogrem (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 42a10da9545ede038913b53b3619d36a94708a854536263f6a97c5d4d30a9b65 The package, distinguished as a speed testing or typosquatted Telegram library, contains a Telegram bot to perform remote control of the computer --- Category:...

WordPress Image Photo Gallery Final Tiles Grid plugin <= 3.6.8 - Authenticated (Author+) Stored Cross-Site Scripting via 'Custom Scripts' Setting vulnerability

Authenticated Author+ Stored Cross-Site Scripting via 'Custom Scripts' Setting vulnerability discovered by WordFence in WordPress Plugin Image Photo Gallery Final Tiles Grid versions = 3.6.8...

PT-2025-54419

STVS ProVision 5.9.10 contains a cross-site scripting vulnerability in the 'files' POST parameter that allows authenticated attackers to inject arbitrary HTML code. Attackers can exploit the unvalidated input to execute malicious scripts within a user's browser session in the context of the...

CVE-2022-50790

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below contain an unauthenticated vulnerability that allows remote attackers to access live radio stream information through webplay or ffmpeg scripts. Attackers can exploit the vulnerability by calling specific web scripts to disclose radio stream...

CVE-2022-50790

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below contain an unauthenticated vulnerability that allows remote attackers to access live radio stream information through webplay or ffmpeg scripts. Attackers can exploit the vulnerability by calling specific web scripts to disclose radio stream...

CVE-2022-50695

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x contains a network vulnerability that allows unauthenticated attackers to send ICMP signals to arbitrary hosts through network command scripts. Attackers can abuse ping.php, traceroute.php, and dns.php to generate network flooding attacks targeting...

CVE-2022-50794 SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Unauthenticated Command Injection via Username

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below contain an unauthenticated command injection vulnerability in the username parameter. Attackers can exploit index.php and login.php scripts by injecting arbitrary shell commands through the HTTP POST 'username' parameter to execute system...

CVE-2022-50790 SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Unauthenticated Radio Stream Disclosure

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below contain an unauthenticated vulnerability that allows remote attackers to access live radio stream information through webplay or ffmpeg scripts. Attackers can exploit the vulnerability by calling specific web scripts to disclose radio stream...

CVE-2025-69210

FacturaScripts is open-source enterprise resource planning and accounting software. Prior to version 2025.7, a stored cross-site scripting XSS vulnerability exists in the product file upload functionality. Authenticated users can upload crafted XML files containing executable JavaScript. These...

PT-2025-54233

Name of the Vulnerable Software and Affected Versions SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x Description The software contains a network issue that allows unauthenticated attackers to send ICMP signals to arbitrary hosts through network command scripts. Attackers can abuse ping.php,...

CLSA-2025-1767027096 httpd: Fix of CVE-2025-58098

CVE-2025-58098: prevent SSI args from being passed to CGI scripts...

CVE-2025-57462

MachSol MachPanel 8.0.32 is affected by a stored cross-site scripting (XSS) vulnerability exploitable through a crafted PDF file. The issue allows execution of arbitrary web scripts or HTML, as described across multiple sources (NVD, Red Hat, EUVD, CVE list, CNNVD, CNVD). CVSS 3.1 base score 6.1 ...