CVE-2023-51513

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in INTINITUM FORM Geo Controller allows DOM-Based XSS.This issue affects Geo Controller: from n/a through 8.5.2...

CVE-2023-51513 WordPress Geo Controller plugin <= 8.5.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in INTINITUM FORM Geo Controller allows DOM-Based XSS.This issue affects Geo Controller: from n/a through 8.5.2...

TrueConf Client 安全漏洞

TrueConf Client is a video conferencing and collaboration software client from TrueConf Lithuania. A security vulnerability exists in TrueConf Client version 8.5.2, which stems from vulnerability to DLL hijacking attacks via a specially crafted wfapi.dll, which could lead to the execution of...

Twonky Server <= 8.5.2 Multiple Vulnerabilities - Version Check

Twonky Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:lynxtechnology:twonkyserver";...

Twonky Server <= 8.5.2 Authentication Bypass Vulnerability - Active Check

Twonky Server is prone to an authentication bypass vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2025-13316

Twonky Server 8.5.2 on Linux and Windows is affected by CVE-2025-13316, a cryptographic flaw caused by hard-coded keys. An attacker who obtains the encrypted administrator password can decrypt it with the static keys to obtain the plaintext password and gain administrator-level access to Twonky S...

EUVD-2017-12391

Malware in sbrugna...

EUVD-2019-10950

Malware in sbrugna...

EUVD-2022-39892

Malicious code in bioql PyPI...

CVE-2023-52120

Cross-Site Request Forgery CSRF vulnerability in Basix NEX-Forms – Ultimate Form Builder – Contact forms and much more.This issue affects NEX-Forms – Ultimate Form Builder – Contact forms and much more: from n/a through 8.5.2...

CVE-2022-28975

A stored cross-site scripting XSS vulnerability in Infoblox NIOS v8.5.2-409296 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the VLAN View Name field...

CVE-2013-4600

Multiple cross-site scripting XSS vulnerabilities in Alkacon OpenCms before 8.5.2 allow remote attackers to inject arbitrary web script or HTML via the 1 title parameter to system/workplace/views/admin/admin-main.jsp or the 2 requestedResource parameter to system/login/index.html...

WordPress WooCommerce plugin <= 8.5.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin WooCommerce versions = 8.5.2...

Infoblox NIOS Cross-Site Scripting Vulnerability

Infoblox NIOS is an operating system that powers Infoblox core network services. It ensures uninterrupted operation of the network infrastructure. A cross-site scripting vulnerability exists in Infoblox NIOS version v8.5.2-409296, which originates from a vulnerability that allows an attacker to...

PT-2024-11547

Name of the Vulnerable Software and Affected Versions Infoblox NIOS version 8.5.2-409296 Description A stored cross-site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the VLAN View Name field. This enables attackers to potentiall...

WordPress NEX-Forms – Ultimate Form Builder Plugin <= 8.5.2 is vulnerable to Cross Site Request Forgery (CSRF)

Software NEX-Forms – Ultimate Form Builder Type Plugin Vulnerable versions = 8.5.2 Fixed in 8.5.5 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-52120 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 6c987b0249e3 Credits...

Vulnerability fixed in Atlassian Confluence

Atlassian has fixed a vulnerability in Confluence. A malicious party could exploit the vulnerability to break into publicly accessible Confluence Data Center and Server instances, create unauthorized Confluence administrator accounts and gain access to Confluence instances. Atlassian has released...

CVE-2022-37244

MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to IFRAME Injectionvia the currentRequest parameter. after login leads to inject malicious tag leads to IFRAME injection...

CVE-2022-37245

MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting XSS via the Blacklist endpoint...

PT-2022-23886 · Mdaemon Technologies · Mdaemon Technologies Securitygateway For Email Servers

Name of the Vulnerable Software and Affected Versions: MDaemon Technologies SecurityGateway for Email Servers version 8.5.2 Description: The issue concerns HTTP Response splitting, which occurs via the data parameter. This allows for potential manipulation of HTTP responses. Recommendations: For...