Cadmium CMS 安全漏洞

Cadmium CMS is a content management system from Cadmium open source. A security vulnerability exists in Cadmium CMS version 0.4.9, which originates from an arbitrary file upload in /admin/content/filemanager/uploads...

EUVD-2006-4490

Malware in sbrugna...

EUVD-2006-1756

Malware in sbrugna...

EUVD-2007-3711

Malware in sbrugna...

EUVD-2025-14032

Malicious code in bioql PyPI...

CVE-2023-38330

OXID eShop Enterprise Edition 6.5.0 – 6.5.2 before 6.5.3 allows uploading files with modified headers in the administration area. An attacker can upload a file with a modified header to create a HTTP Response Splitting attack...

CVE-2025-29602

flatpress 1.3.1 is vulnerable to Cross Site Scripting XSS in Administration area via Manage categories...

CVE-2025-29602

flatpress 1.3.1 is vulnerable to Cross Site Scripting XSS in Administration area via Manage categories...

CVE-2025-29602

Summary: CVE-2025-29602 affects FlatPress 1.3.1 with a stored XSS in the Administration area (Manage categories). The root cause is untrusted input handling in category management, enabling a payload stored by an admin that could affect other users. The vulnerability has a confirmed exploit refer...

CVE-2025-29602

flatpress 1.3.1 is vulnerable to Cross Site Scripting XSS in Administration area via Manage categories...

FlatPress 安全漏洞

FlatPress is a lightweight, easy-to-setup flat file blogging engine from the FlatPress open source. A security vulnerability exists in FlatPress version 1.3.1, which stems from the presence of cross-site scripting in the administration area, which could lead to cross-site scripting attacks...

CVE-2024-45800 Multiple mXSS found in snappymail HTML parser

Snappymail is an open source web-based email client. SnappyMail uses the cleanHtml function to cleanup HTML and CSS in emails. Research discovered that the function has a few bugs which cause an mXSS exploit. Because the function allowed too many invalid HTML elements, it was possible with...

CVE-2024-45800 Multiple mXSS found in snappymail HTML parser

Snappymail is an open source web-based email client. SnappyMail uses the cleanHtml function to cleanup HTML and CSS in emails. Research discovered that the function has a few bugs which cause an mXSS exploit. Because the function allowed too many invalid HTML elements, it was possible with...

CVE-2024-45800 Multiple mXSS found in snappymail HTML parser

Snappymail is an open source web-based email client. SnappyMail uses the cleanHtml function to cleanup HTML and CSS in emails. Research discovered that the function has a few bugs which cause an mXSS exploit. Because the function allowed too many invalid HTML elements, it was possible with...

CVE-2023-38330

OXID eShop Enterprise Edition 6.5.0 – 6.5.2 before 6.5.3 allows uploading files with modified headers in the administration area. An attacker can upload a file with a modified header to create a HTTP Response Splitting attack...

CVE-2023-38330

OXID eShop Enterprise Edition 6.5.0 – 6.5.2 before 6.5.3 allows uploading files with modified headers in the administration area. An attacker can upload a file with a modified header to create a HTTP Response Splitting attack...

PT-2023-26365 · Oxid · Oxid Eshop Enterprise Edition

Name of the Vulnerable Software and Affected Versions: OXID eShop Enterprise Edition versions 6.5.0 through 6.5.2 Description: The issue allows uploading files with modified headers in the administration area, enabling an attacker to create a HTTP Response Splitting attack by uploading a file wit...

4images Cross Site Scripting / Clickjacking

Affected software: 4images Type of vulnerability: clickjacking,xss URL: http://www.4homepages.de/ Discovered by: Provensec Website: http://www.provensec.com Description: 4images is a powerful web-based image gallery management system. Features include comment system, user registration and...

Shopping Cart Script with Affiliate Program - SQL Injection

Author: L0rd CrusAd3r aka VSN [email protected] Exploit Title:Shopping Cart Script with Affiliate Program SQL Injection Vendor url:http://www.yourfreeworld.com Version:n/a Price:399$ Published: 2010-06-19 Greetz to:Sid3^effects, MaYur, M4n0j, Dark Blue, S1ayer,d3c0d3r,KD and to all ICW member...

Digital Interchange Document Library - SQL Injection

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : Inj3ct0r.com 0 1 + Support e-mail :...