WordPress plugin Bus Ticket Booking with Seat Reservation 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There wa...

CVE-2025-65961 Contao is vulnerable to cross-site scripting in templates

Contao is an Open Source CMS. From version 4.0.0 to before 4.13.57, before 5.3.42, and before 5.6.5, it is possible to inject code into the template output that will be executed in the browser in the front end and back end. This issue has been patched in versions 4.13.57, 5.3.42, and 5.6.5. A...

EUVD-2020-4956

Malware in sbrugna...

EUVD-2024-17290

Malicious code in bioql PyPI...

CVE-2025-24539

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in debounce DeBounce Email Validator debounce-io-email-validator allows Reflected XSS.This issue affects DeBounce Email Validator: from n/a through = 5.6.5...

WordPress plugin DeBounce Email Validator 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

CVE-2025-26971 WordPress Poll Maker <= 5.6.5 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Ays Pro Poll Maker poll-maker allows Blind SQL Injection.This issue affects Poll Maker: from n/a through = 5.6.5...

WordPress plugin DeBounce Email Validator 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

CVE-2024-5555

The Element Pack Elementor Addons Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘social-link-title’ parameter in all versions up to, and including, 5.6.5 due to insufficient input sanitization and...

PT-2024-36549 · WordPress · Element Pack Elementor Addons

Name of the Vulnerable Software and Affected Versions: The Element Pack Elementor Addons plugin for WordPress versions up to, and including, 5.6.5 Description: The issue is related to Stored Cross-Site Scripting via the social-link-title parameter due to insufficient input sanitization and output...

WordPress Multiple Vulnerabilities (Sep 2021) - Windows

WordPress is prone to multiple vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

ECOS Secure Boot Stick Fuzzing Vulnerability

The ECOS Secure Boot Stick a.k.a. SBS is a security device from ECOS TECHNOLOGY, Germany for remote access to Citrix, Microsoft Terminal Server, VMware and other web applications. A security vulnerability exists in ECOS SBS version 5.6.5. An attacker can exploit the vulnerability to extract the...

CVE-2018-12333

Insufficient Verification of Data Authenticity vulnerability in ECOS Secure Boot Stick aka SBS 5.6.5 allows an attacker to manipulate security relevant configurations and execute malicious code...

CVE-2018-12334

Protection Mechanism Failure in ECOS Secure Boot Stick aka SBS 5.6.5 allows an attacker to compromise authentication and encryption keys via a virtualization attack...

Ecos Secure Boot Stick 5.6.5 Credential Disclosure / Information Leak

MULTIPLE SECURITY ISSUES IN ECOS SECURE BOOT STICK SBS - Software: Ecos Secure Boot Stick - Version: Stick Version 5.6.5, System Management Version 5.2.68 - Vendor Status: Vendor informed - Release Date: 13/06/2018 The latest version of this document may be downloaded from...

CVE-2017-11482

The Kibana fix for CVE-2017-8451 was found to be incomplete. With X-Pack installed, Kibana versions before 6.0.1 and 5.6.5 have an open redirect vulnerability on the login page that would enable an attacker to craft a link that redirects to an arbitrary website...

Elastic Kibana Cross Site Scripting Vulnerability

Elastic Kibana is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

[ASA-201610-8] crypto++: information disclosure

Arch Linux Security Advisory ASA-201610-8 ========================================= Severity: Medium Date : 2016-10-12 CVE-ID : CVE-2016-7420 Package : crypto++ Type : information disclosure Remote : No Link : https://wiki.archlinux.org/index.php/CVE Summary ======= The package crypto++ before...

Uniform Server Multiple CSRF Vulnerabilities

Uniform Server is prone to multiple Cross-Site Request Forgery vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...