CVE-2025-14265

In versions of ScreenConnect™ prior to 25.8, server-side validation and integrity checks within the extension subsystem could allow the installation and execution of untrusted or arbitrary extensions by authorized or administrative users. Abuse of this behavior could result in the execution of...

CVE-2025-61996 OPEXUS FOIAXpress stored XSS via annual report template

OPEXUS FOIAXpress before 11.13.3.0 allows an administrative user to inject JavaScript or other content within the Annual Report Template. Injected content is executed in the context of other users when they generate an Annual Report. Successful exploitation allows the administrative user to perfo...

EUVD-2014-9496

Malware in sbrugna...

EUVD-2022-7025

Malicious code in bioql PyPI...

CVE-2024-24807

Sulu is a highly extensible open-source PHP content management system based on the Symfony framework. There is an issue when inputting HTML into the Tag name. The HTML is executed when the tag name is listed in the auto complete form. Only admin users can create tags so they are the only ones...

PT-2024-28441 · Wagtail · Wagtail

Name of the Vulnerable Software and Affected Versions: Wagtail versions prior to 5.2.6 Wagtail versions prior to 6.0.6 Wagtail versions prior to 6.1.3 Description: A bug in Wagtail's parse query string function would result in it taking a long time to process suitably crafted inputs, leading to a...