Lucene search
K

8 matches found

Cvelist
Cvelist
added 2026/04/02 5:37 p.m.27 views

CVE-2026-34598 YesWiki has Persistant Blind XSS at "/?BazaR&vue=consulter"

YesWiki is a wiki system written in PHP. Prior to version 4.6.0, a stored and blind XSS vulnerability exists in the form title field. A malicious attacker can inject JavaScript without any authentication via a form title that is saved in the backend database. When any user visits that injected...

7.1CVSS0.00213EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/06/29 12:6 a.m.7 views

CVE-2025-50367

A stored blind XSS vulnerability exists in the Contact Page of the Phpgurukul Medical Card Generation System 1.0 mcgs/contact.php. The name field fails to properly sanitize user input, allowing an attacker to inject malicious JavaScript...

6.1CVSS5.4AI score0.00206EPSS
Exploits1References1
NVD
NVD
added 2025/06/27 4:15 p.m.7 views

CVE-2025-50367

A stored blind XSS vulnerability exists in the Contact Page of the Phpgurukul Medical Card Generation System 1.0 mcgs/contact.php. The name field fails to properly sanitize user input, allowing an attacker to inject malicious JavaScript...

6.1CVSS0.00206EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/06/27 12:0 a.m.3 views

CVE-2025-50367

A stored blind XSS vulnerability exists in the Contact Page of the Phpgurukul Medical Card Generation System 1.0 mcgs/contact.php. The name field fails to properly sanitize user input, allowing an attacker to inject malicious JavaScript...

5.5AI score0.00206EPSS
Exploits1References1
CVE
CVE
added 2025/06/27 12:0 a.m.24 views

CVE-2025-50367

CVE-2025-50367 corresponds to a stored blind XSS vulnerability in the Contact Page of Phpgurukul Medical Card Generation System 1.0 (mcgs/contact.php). The root cause is improper sanitization/cleanup of the name field, enabling JavaScript injection. Public sources (NVD, Red Hat, CNVD, CNVD, PT-Se...

6.1CVSS5.5AI score0.00206EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2025/06/27 12:0 a.m.8 views

CVE-2025-50367

A stored blind XSS vulnerability exists in the Contact Page of the Phpgurukul Medical Card Generation System 1.0 mcgs/contact.php. The name field fails to properly sanitize user input, allowing an attacker to inject malicious JavaScript...

0.00206EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/06/27 12:0 a.m.7 views

PT-2025-27236 · Unknown · Phpgurukul Medical Card Generation System

Name of the Vulnerable Software and Affected Versions: Phpgurukul Medical Card Generation System version 1.0 Description: A stored blind XSS issue exists in the Contact Page, specifically affecting the "name" field in the mcgs/contact.php file. This field fails to properly sanitize user input,...

6.1CVSS6.4AI score0.00206EPSS
Exploits1References4
OSV
OSV
added 2024/05/10 3:29 p.m.27 views

GHSA-X525-54HF-XR53 Blind XSS Leading to Froxlor Application Compromise

Description: A Stored Blind Cross-Site Scripting XSS vulnerability has been identified in the Failed Login Attempts Logging Feature of the Froxlor Application. Stored Blind XSS occurs when user input is not properly sanitized and is stored on the server, allowing an attacker to inject malicious...

9.6CVSS8.6AI score0.00963EPSS
Exploits2References4
Rows per page
Query Builder