CVE-2018-25377 Flash Slideshow Maker Professional 5.20 Buffer Overflow SEH
Flash Slideshow Maker Professional 5.20 contains a buffer overflow vulnerability in the registration dialog that allows local attackers to execute arbitrary code by exploiting structured exception handling. Attackers can craft a malicious payload and paste it into the Name and Code fields of the...
CVE-2025-36592
Dell Secure Connect Gateway SCG Policy Manager, versions 5.20, 5.22, 5.24, 5.26, 5.28, contains an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading...
PT-2025-44417
Name of the Vulnerable Software and Affected Versions: Dell Secure Connect Gateway SCG Policy Manager versions 5.20 through 5.28 Description: Dell Secure Connect Gateway SCG Policy Manager contains an Improper Neutralization of Input During Web Page Generation issue, also known as Cross-site...
EUVD-2025-27942
Malicious code in bioql PyPI...
CVE-2025-3895
Tokens used for resetting passwords in MegaBIP software are generated using a small space of random values combined with a queryable value. This allows an unauthenticated attacker who knows user login names to brute force these tokens and change account passwords, including those belonging to...
CVE-2025-3894
The text editor embedded into MegaBIP software does not neutralize user input, allowing Stored XSS attacks on other users. High privileges are required to use the editor. Version 5.20 of MegaBIP fixes this issue...
CVE-2025-3893
While editing pages managed by MegaBIP, a user with high privileges is prompted to give a reason for performing this action. Input provided by the user is not sanitized, leading to an SQL Injection vulnerability. Version 5.20 of MegaBIP fixes this issue...
CVE-2025-3894
CVE-2025-3894 concerns MegaBIP: the text editor embedded in MegaBIP does not neutralize user input, enabling Stored XSS attacks across users. The issue requires high privileges to use the editor, with impact limited to if exploited in authenticated contexts as described; affected version detected...
CVE-2025-3894 Stored XSS in MegaBIP
The text editor embedded into MegaBIP software does not neutralize user input, allowing Stored XSS attacks on other users. High privileges are required to use the editor. Version 5.20 of MegaBIP fixes this issue...
CVE-2025-3893 SQL Injection in MegaBIP
While editing pages managed by MegaBIP, a user with high privileges is prompted to give a reason for performing this action. Input provided by the user is not sanitized, leading to an SQL Injection vulnerability. Version 5.20 of MegaBIP fixes this issue...
CVE-2023-23713
Cross-Site Request Forgery (CSRF) vulnerability in Manoj Thulasidas Theme Tweaker plugin <= 5.20 versions...
PT-2024-28947 · Rockwell Automation · Pavilion8
Name of the Vulnerable Software and Affected Versions: Rockwell Automation Pavilion8 version 5.20 Description: A vulnerability exists in the affected product due to a lack of encryption of sensitive information. This results in data being sent between the Console and the Dashboard without...
SUSE: Security Advisory (SUSE-SU-2017:3048-1)
The remote host is missing an update for the...
GAzie <= 5.20 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications. Exploit Title: Stored Cross Site Scripting; Risk: Very High; Date: 2/6/2012; Author: R3ZN0V; Software Link: http://sourceforge.net/projects/gazie/files/gazie/gazie5.20/gazie5.20.zip/download; Version: 5.20. The Exploit "...
docuFORM Mercury WebApp 6.16a / 5.20 Cross Site Scripting
docuFORM Mercury WebApp 6.16a Multiple Cross-Site Scripting Vulnerabilities...