BIT-JOOMLA-2026-35221 Joomla! Core - [20260506] - Authenticated blind SQLi in com_finder

Improperly built filter clauses lead to a SQL injection vulnerability in the search query for comfinder...

DokuWiki <= 2025-05-14a XSS Vulnerability

DokuWiki is prone to reflected cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

EUVD-2008-2392

Malware in sbrugna...

CVE-2025-30352

Directus is a real-time API and App dashboard for managing SQL database content. Starting in version 9.0.0-alpha.4 and prior to version 11.5.0, the search query parameter allows users with access to a collection to filter items based on fields they do not have permission to view. This allows the...

CVE-2018-19092

An issue was discovered in YzmCMS v5.2. It has XSS via a search/index/archives/pubtime/ query string, as demonstrated by the search/index/archives/pubtime/1526387722/page/1.html URI. NOTE: this does not obtain a user's cookie...

the-outpost.co.uk XSS vulnerability

Open Bug Bounty ID: OBB-553529 Description| Value ---|--- Affected Website:| the-outpost.co.uk Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

A-shop v0.70 SQL INECTION

Product : A-shop Version : v0.70 Vulnerability : SQL INJECTION http://www.rammdev.com/ashop/demo/default.asp?mod=search&type=simple&q='SQLINJECTION'&cmdSearch=Search Example ; http://www.rammdev.com/ashop/demo/default.asp?mod=search&type=simple&q='unionselect201,1,1,120from20users'&cmdSearch=Sear...