CVE-2025-70845

lty628 aidigu v1.9.1 is vulnerable to Cross Site Scripting XSS exists in the /setting/ page where the "intro" field is not properly sanitized or escaped...

CVE-2025-70845

lty628 aidigu v1.9.1 is vulnerable to Cross Site Scripting XSS exists in the /setting/ page where the "intro" field is not properly sanitized or escaped...

PT-2026-7907

lty628 aidigu v1.9.1 is vulnerable to Cross Site Scripting XSS exists in the /setting/ page where the "intro" field is not properly sanitized or escaped...

CVE-2025-70845

CVE-2025-70845 affects lty628 aidigu v1.9.1. The vulnerability is a Cross Site Scripting (XSS) flaw on the /setting/ page, where the "intro" field is not properly sanitized or escaped. The available sources confirm the flaw but do not provide details on exploit scenarios, affected versions beyond...

CVE-2025-70845

lty628 aidigu v1.9.1 is vulnerable to Cross Site Scripting XSS exists in the /setting/ page where the "intro" field is not properly sanitized or escaped...

CVE-2025-70845

lty628 aidigu v1.9.1 is vulnerable to Cross Site Scripting XSS exists in the /setting/ page where the "intro" field is not properly sanitized or escaped...

CVE-2026-20894

Cross-site scripting vulnerability exists in multiple Network Cameras TRIFORA 3 series provided by TOA Corporation. If an attacking administrator configures the affected product with some malicious input, an arbitrary script may be executed on the web browser of a victim administrator who accesse...

CVE-2025-12269

A vulnerability was found in LearnHouse up to 98dfad76aad70711a8113f6c1fdabfccf10509ca. The affected element is an unknown function of the file /dash/org/settings/previews of the component Account Setting Page. The manipulation results in cross site scripting. It is possible to launch the attack...

PT-2025-43937

Name of the Vulnerable Software and Affected Versions LearnHouse versions prior to 98dfad76aad70711a8113f6c1fdabfccf10509ca Description A cross site scripting issue exists in LearnHouse. The issue is located in the Account Setting Page component, specifically within the file...

CVE-2025-10651

The Welcart e-Commerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'ordermail' setting in versions up to, and including, 2.11.22. This is due to insufficient sanitization on the ordermail field and a lack of escaping on output. This makes it possible for authenticate...

EUVD-2023-45260

Malicious code in bioql PyPI...

EUVD-2025-22018

Malicious code in bioql PyPI...

EUVD-2025-16590

Malicious code in bioql PyPI...

WordPress plugin USS Upyun 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... A cross-site...

CVE-2025-7898 Codecanyon iDentSoft Account Setting Page updateSetting unrestricted upload

A vulnerability was found in Codecanyon iDentSoft 2.0. It has been classified as critical. This affects an unknown part of the file /clinica/profile/updateSetting of the component Account Setting Page. The manipulation of the argument photo leads to unrestricted upload. It is possible to initiate...

CVE-2025-7898

CVE-2025-7898 concerns Codecanyon iDentSoft 2.0. The vulnerability lies in the Account Setting Page function, specifically the file path /clinica/profile/updateSetting, where manipulation of the parameter photo enables an unrestricted file upload. This can be initiated remotely and is described a...

CVE-2025-7898 Codecanyon iDentSoft Account Setting Page updateSetting unrestricted upload

A vulnerability was found in Codecanyon iDentSoft 2.0. It has been classified as critical. This affects an unknown part of the file /clinica/profile/updateSetting of the component Account Setting Page. The manipulation of the argument photo leads to unrestricted upload. It is possible to initiate...

CVE-2025-5721

A vulnerability, which was classified as problematic, was found in SourceCodester Student Result Management System 1.0. This affects an unknown part of the file /script/academic/core/updateprofile of the component Profile Setting Page. The manipulation leads to cross site scripting. It is possibl...

CVE-2025-5721 SourceCodester Student Result Management System Profile Setting Page update_profile cross site scripting

A vulnerability, which was classified as problematic, was found in SourceCodester Student Result Management System 1.0. This affects an unknown part of the file /script/academic/core/updateprofile of the component Profile Setting Page. The manipulation leads to cross site scripting. It is possibl...

CVE-2025-5721 SourceCodester Student Result Management System Profile Setting Page update_profile cross site scripting

A vulnerability, which was classified as problematic, was found in SourceCodester Student Result Management System 1.0. This affects an unknown part of the file /script/academic/core/updateprofile of the component Profile Setting Page. The manipulation leads to cross site scripting. It is possibl...