8 matches found
EUVD-2025-205735
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Inboxify Inboxify Sign Up Form inboxify-sign-up-form allows Stored XSS.This issue affects Inboxify Sign Up Form: from n/a through = 1.0.4...
CVE-2025-69008 WordPress Inboxify Sign Up Form plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Inboxify Inboxify Sign Up Form inboxify-sign-up-form allows Stored XSS.This issue affects Inboxify Sign Up Form: from n/a through = 1.0.4...
CVE-2025-69008
CVE-2025-69008 is described in the Initial document as an Improper Neutralization of Input During Web Page Generation (Stored XSS) in Inboxify Sign Up Form (inboxify-sign-up-form), affecting Inboxify Sign Up Form versions from n/a through 1.0.4. The CVE entry notes Stored XSS risk due to insuffic...
PT-2025-53890
Name of the Vulnerable Software and Affected Versions Inboxify versions prior to 1.0.5 Description The Inboxify Sign Up Form, specifically the inboxify-sign-up-form component, contains a flaw related to the handling of user-supplied data during web page creation. This can lead to the injection of...
WordPress Inboxify Sign Up Form plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Muhammad Nur Ibnu Hubab in WordPress Plugin Inboxify Sign Up Form versions = 1.0.4...
Expense Management System 1.0 Arbitrary File Upload
============================================================================================================================================= | Title : Expense Management System v1.0 Remote File Upload Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firef...
CVE-2023-41575
Multiple stored cross-site scripting XSS vulnerabilities in /bbdms/sign-up.php of Blood Bank & Donor Management v2.2 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Full Name, Message, or Address parameters...
XSS vulnerability in Mojo Mail Sign-Up Form
Heya, this is my first post here so go easy on me plz. I posted about this on the Mojo Bug Tracker ages ago and it's just been ignored, and besides, Im losing faith in reporting to the vendor, PHP Arena took the credit for an XSS bug I found in their paFileDB. But anyway, Mojo Mail doesn't filter...