EUVD-2025-24604

Malicious code in bioql PyPI...

CVE-2025-45315

A cross-site scripting XSS vulnerability in the /controller/admin.php endpoint of hortusfox-web v4.4 allows attackers to execute arbitrary JavaScript in the context of a user's browser via a crafted payload injected into the email parameter...

PT-2023-29775 · Unknown · Thirty Bees Core

Name of the Vulnerable Software and Affected Versions: Thirty Bees Core version 1.4.0 Description: The issue is a reflected cross-site scripting XSS vulnerability. It allows attackers to execute arbitrary JavaScript in a user's web browser via a crafted payload. The vulnerability is exploited...