EUVD-2016-5495

Malware in sbrugna...

EUVD-2009-4003

Malware in sbrugna...

EUVD-2025-25977

Malicious code in bioql PyPI...

EUVD-2025-27810

Malicious code in bioql PyPI...

EUVD-2022-37272

Malicious code in bioql PyPI...

ClipBucket 权限许可和访问控制问题漏洞

ClipBucket is an open source and freely downloadable PHP script from MacWarrior Open Source. It is used for sharing video sites. A security vulnerability exists in ClipBucket 5.5.0 and earlier versions, which stems from a lack of access control in the upload handler, and could allow an...

Linux Distros Unpatched Vulnerability : CVE-2015-5651

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting XSS vulnerability in Dotclear before 2.8.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

WordPress plugin Magazine Saga 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...

CVE-2025-3703

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in wipeoutmedia CSS & JavaScript Toolbox css-javascript-toolbox allows PHP Local File Inclusion.This issue affects CSS & JavaScript Toolbox: from n/a through 12.0.3...

CVE-2025-9013

A vulnerability has been found in PHPGurukul Online Shopping Portal Project 2.0. This vulnerability affects unknown code of the file /shopping/password-recovery.php. The manipulation of the argument emailid leads to sql injection. The attack can be initiated remotely. The exploit has been disclos...

CVE-2012-10036

Project Pier 0.8.8 and earlier contains an unauthenticated arbitrary file upload vulnerability in tools/uploadfile.php. The upload handler fails to validate the file type or enforce authentication, allowing remote attackers to upload malicious PHP files directly into a web-accessible directory. T...

CLSA-2025-1753780501 php: Fix of CVE-2025-1220

CVE-2025-1220: fix null byte termination in hostnames...

Astra Linux – Vulnerability in PHP 8.2

In PHP versions starting from 8.1. up to 8.1.32, from 8.2. up to 8.2.28, from 8.3. up to 8.3.19, and from 8.4. up to 8.4.5, when user-supplied headers are sent, insufficient validation of line-end characters may prevent certain headers from being sent or may lead to misinterpretation of certain...

OS Command Exec, Unix Command Shell, Bind TCP (via perl) IPv6

Execute an OS command from PHP. Listen for a connection and spawn a command shell via perl Module Options msf use payload/php/unix/cmd/bindperlipv6 msf payloadbindperlipv6 show actions ...actions... msf payloadbindperlipv6 set ACTION msf payloadbindperlipv6 show options ...show and set options...

CVE-2023-24081

Multiple stored cross-site scripting XSS vulnerabilities in Redrock Software TutorTrac before v4.2.170210 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the reason and location fields of the visits listing page...

CVE-2022-34316

IBM CICS TX 11.1 does not neutralize or incorrectly neutralizes web scripting syntax in HTTP headers that can be used by web browser components that can process raw headers. IBM X-Force ID: 229452...

CVE-2012-2636

Cross-site scripting XSS vulnerability in KENT-WEB WEB PATIO 4.04 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2014-8667

Cross-site scripting XSS vulnerability in SAP HANA Web-based Development Workbench allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

JetBrains TeamCity 跨站脚本漏洞

JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. A cross-site scripting vulnerability exists in...

BlueCMS 安全漏洞

BlueCMS is a PHP and MySQL based Content Management System CMS by 6arshid Personal Developer. A security vulnerability exists in BlueCMS version 1.6, which stems from a problem with the id parameter and could lead to arbitrary file deletion...