241 matches found
EUVD-2022-39304
Malicious code in bioql PyPI...
EUVD-2023-47686
Malicious code in bioql PyPI...
EUVD-2023-43410
Malicious code in bioql PyPI...
EUVD-2022-47876
Malicious code in bioql PyPI...
EUVD-2023-41700
Malicious code in bioql PyPI...
EUVD-2024-28870
Malicious code in bioql PyPI...
EUVD-2023-41110
Malicious code in bioql PyPI...
EUVD-2022-5795
Malicious code in bioql PyPI...
CVE-2025-59524 Horilla Stored XSS Vulnerability via File Upload in Reimbursement Panel
Horilla is a free and open source Human Resource Management System HRMS. Prior to version 1.4.0, the file upload flow performs validation only in the browser and does not enforce server-side checks. An attacker can bypass the client-side validation for example, with an intercepting proxy or by...
IBM Watson Studio on Cloud Pak for Data Cross-Site Scripting Vulnerability
IBM Watson Studio on Cloud Pak for Data is an intelligent search and text analytics platform from International Business Machines IBM. A cross-site scripting vulnerability exists in IBM Watson Studio on Cloud Pak for Data versions 4.0 and 5.0, which stems from the application's lack of effective...
PT-2025-31808 · Intelbras · Intelbras Rx 1500 +1
Name of the Vulnerable Software and Affected Versions: Intelbras RX1500 version 2.2.9 Intelbras RX3000 version 1.0.11 Description: A cross-site scripting XSS vulnerability allows attackers to execute arbitrary web scripts or HTML by injecting a crafted payload into the name of a visiting Wi-Fi...
CVE-2025-51403
A stored cross-site scripting XSS vulnerability in the department assignment editing module of of Live Helper Chat v4.60 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Alias Nick parameter...
CVE-2025-51396
A stored cross-site scripting XSS vulnerability in Live Helper Chat v4.60 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Telegram Bot Username parameter...
CVE-2025-53924 Emlog vulnerable to stored Cross-site Scripting in links functionality
Emlog is an open source website building system. A cross-site scripting XSS vulnerability in emlog up to and including pro-2.5.17 allows authenticated remote attackers to inject arbitrary web script or HTML via the siteurl parameter. It is possible to inject malicious code into siteurl parameter...
WordPress Automatically Hierarchic Categories in Menu plugin Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress Automatically Hierarchic Categories in Menu plugin, which stems from the application's lack of effective filtering a...
WordPress Anant Addons for Elementor plugin cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress Anant Addons for Elementor plugin, which stems from the application's lack of effective filtering and escaping of...
WordPress Elessi plugin cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. WordPress Elessi plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data, which...
WordPress Contact Us Page - Contact People plugin cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress Contact Us Page - Contact People plugin, which stems from insufficient input cleanup and escaping, and can be...
WordPress Backup and Staging by WP Time Capsule plugin cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress Backup and Staging by WP Time Capsule plugin that stems from improper input neutralization and can be exploited by a...
WordPress Easy Digital Downloads plugin cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress Easy Digital Downloads plugin, which stems from the application's lack of effective filtering and escaping of...