16 matches found
EUVD-2025-28207
Malicious code in bioql PyPI...
PT-2025-38847
Name of the Vulnerable Software and Affected Versions: Trustpilot Trustpilot Reviews versions through 2.5.925 Description: A missing authorization issue exists in Trustpilot Trustpilot Reviews, stemming from incorrectly configured access control security levels. This allows for unauthorized access...
PT-2025-33186 · Unknown · Shen2 多说社会化评论框
Name of the Vulnerable Software and Affected Versions: shen2 多说社会化评论框 versions n/a through 1.2 Description: The software contains an Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' issue that allows Reflected XSS. Recommendations: At the moment, there is no...
PT-2025-33224 · Oik · Oik
Name of the Vulnerable Software and Affected Versions: oik versions n/a through 4.15.2 Description: The software contains a Cross-Site Request Forgery (CSRF) flaw. This issue allows attackers to perform Cross-Site Request Forgery attacks. Recommendations: At the moment, there is no information abou...
PT-2025-4619 · Unknown · Xfinity Soft Content Cloner
Name of the Vulnerable Software and Affected Versions: Xfinity Soft Content Cloner versions n/a through 1.0.1 Description: The issue is related to a Missing Authorization vulnerability in Xfinity Soft Content Cloner, which allows exploiting incorrectly configured access control security levels...
PT-2025-5447 · Unknown · Morkva Shipping For Nova Poshta
Name of the Vulnerable Software and Affected Versions: MORKVA Shipping for Nova Poshta versions n/a through 1.19.6 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection,...
PT-2025-5527 · Unknown · Button Generator
Name of the Vulnerable Software and Affected Versions: Button Generator – easily Button Builder versions n/a through 3.1.1 Description: The issue is a Cross-Site Request Forgery (CSRF) vulnerability, which allows Cross-Site Request Forgery. This means an attacker can trick a user into performing...
PT-2025-4951 · Unknown · Bizlibrary
Name of the Vulnerable Software and Affected Versions: BizLibrary versions n/a through 1.1 Description: The issue is related to improper neutralization of input during web page generation, which allows Reflected XSS. This means that an attacker can inject malicious scripts into the website,...
PT-2025-4516 · Unknown · Instaform.Ir
Name of the Vulnerable Software and Affected Versions: instaform.ir فرم ساز فرم افزار versions n/a through 2.0 Description: The issue is related to improper neutralization of input during web page generation, also known as Cross-site Scripting. This allows for Stored XSS. Recommendations: For...
PT-2025-2505 · Creativethemes · Creativthemes Point
Name of the Vulnerable Software and Affected Versions: Creativthemes Point versions n/a through 1.1 Description: The issue is related to a Cross-Site Request Forgery (CSRF) problem, which allows Cross-Site Request Forgery. This problem affects Creativthemes Point, enabling unauthorized actions on t...
PT-2024-36125 · Unknown · Think201 Faqs
Name of the Vulnerable Software and Affected Versions: Think201 FAQs versions n/a through 1.0.2 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Stored XSS in Think201 FAQs. Recommendations: For...
PT-2024-34919 · Unknown · Dang Ngoc Binh Audio Record
Name of the Vulnerable Software and Affected Versions: Dang Ngoc Binh Audio Record versions n/a through 1.0 Description: The issue allows an attacker to upload a web shell to a web server due to an unrestricted upload of file with dangerous type vulnerability. This enables remote hackers to uploa...
PT-2024-30323 · WordPress · Waitlist Woocommerce
Name of the Vulnerable Software and Affected Versions: Waitlist Woocommerce Back in stock notifier versions n/a through 2.6 Description: The issue affects the Waitlist Woocommerce Back in stock notifier plugin due to a Missing Authorization vulnerability. This vulnerability allows exploitation of...
PT-2024-33464 · Unknown · Sourav All In One Slider
Name of the Vulnerable Software and Affected Versions: Sourav All in One Slider versions n/a through 1.1 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS). This allows Reflected XSS, which can be exploited by...
PT-2024-33473 · Myriad Solutionz · Myriad Solutionz Property Lot Management System
Name of the Vulnerable Software and Affected Versions: Myriad Solutionz Property Lot Management System versions n/a through 4.2.38 Description: The issue allows hackers to upload malicious files, exploiting an Unrestricted File Upload vulnerability. This enables the upload of a web shell to a web...
PT-2023-23895
Name of the Vulnerable Software and Affected Versions: Subscribe to Category versions n/a through 2.7.4 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. Recommendations: For versions n/a through 2.7.4, upda...