EUVD-2023-43308

Malicious code in bioql PyPI...

EUVD-2022-52279

Malicious code in bioql PyPI...

CVE-2024-0256

The Starbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Profile Display Name and Social Settings in all versions up to, and including, 3.4.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2024-0256

The Starbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Profile Display Name and Social Settings in all versions up to, and including, 3.4.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

WordPress Plugin Starbox Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

CVE-2023-39599

Cross-Site Scripting XSS vulnerability in CSZ CMS v.1.3.0 allows attackers to execute arbitrary code via a crafted payload to the Social Settings parameter...

CVE-2023-39599

Cross-Site Scripting XSS vulnerability in CSZ CMS v.1.3.0 allows attackers to execute arbitrary code via a crafted payload to the Social Settings parameter...

CVE-2023-39599

Cross-Site Scripting XSS vulnerability in CSZ CMS v.1.3.0 allows attackers to execute arbitrary code via a crafted payload to the Social Settings parameter...

Cross site scripting

Cross-Site Scripting XSS vulnerability in CSZ CMS v.1.3.0 allows attackers to execute arbitrary code via a crafted payload to the Social Settings parameter...

PT-2023-27031 · Csz Cms · Csz Cms

Name of the Vulnerable Software and Affected Versions: CSZ CMS version 1.3.0 Description: A Cross-Site Scripting XSS issue allows attackers to execute arbitrary code via a crafted payload to the Social Settings parameter. This enables attackers to potentially manipulate the website's behavior...

CSZ CMS 跨站脚本漏洞

CSZ CMS is an open source PHP-based content management system CMS. A cross-site scripting vulnerability exists in CSZ CMS version v.1.3.0, which stems from a vulnerability that allows an attacker to execute arbitrary code via the Social Settings parameter using a crafted payload...

CVE-2023-39599

CVE-2023-39599 affects CSZ CMS v1.3.0. The data shows a Cross-Site Scripting (XSS) vulnerability in the Social Settings parameter that can be exploited by a crafted payload to execute arbitrary code. Reported metrics indicate low confidentiality and integrity impact with no availability impact, a...

CVE-2023-39599

Cross-Site Scripting XSS vulnerability in CSZ CMS v.1.3.0 allows attackers to execute arbitrary code via a crafted payload to the Social Settings parameter...

CVE-2023-39599

Cross-Site Scripting XSS vulnerability in CSZ CMS v.1.3.0 allows attackers to execute arbitrary code via a crafted payload to the Social Settings parameter...

CVE-2022-30337

Cross-Site Request Forgery CSRF vulnerability in JoomUnited WP Meta SEO plugin = 4.4.8 at WordPress allows an attacker to update the social settings...

CVE-2022-30337

Cross-Site Request Forgery CSRF vulnerability in JoomUnited WP Meta SEO plugin = 4.4.8 at WordPress allows an attacker to update the social settings...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in JoomUnited WP Meta SEO plugin = 4.4.8 at WordPress allows an attacker to update the social settings...

CVE-2022-30337 WordPress WP Meta SEO plugin <= 4.4.8 - Social Settings Update vis Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in JoomUnited WP Meta SEO plugin = 4.4.8 at WordPress allows an attacker to update the social settings...

WordPress plugin JoomUnited WP Meta SEO 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin JoomUnited...

Cross-Site Request Forgery (CSRF) in e107inc/e107

✍️ Description Attacker or malicious user is able to change URL configuration if a logged in user visits attacker website. because lack of CSRF token 🕵️‍♂️ Proof of Concept 1.when you logged in open this POC.html in a browser 2.you can check unintentionally your search URL changed form /search.php...