525 matches found
CVE-2020-36889 Kentico Xperience <= 12.0.90 Administration Interface Stored XSS
A stored cross-site scripting vulnerability in Kentico Xperience allows attackers to inject malicious scripts via error messages containing specially crafted object names. This allows malicious scripts to execute in users' browsers when administrators view error messages in the administration...
PT-2025-52311
Name of the Vulnerable Software and Affected Versions: Kentico Xperience (affected versions not specified). Description: A stored cross-site scripting issue exists in Kentico Xperience. Global administrators can inject malicious payloads through the Localization application. Successful exploitation...
PT-2025-52310
Name of the Vulnerable Software and Affected Versions: Kentico Xperience (affected versions not specified). Description: A reflected cross-site scripting issue exists in Kentico Xperience. Authenticated users can inject malicious scripts into the administration interface. Exploitation allows attackers...
CVE-2025-14777
A flaw was found in Keycloak. An IDOR Broken Access Control vulnerability exists in the admin API endpoints for authorization resource management, specifically in ResourceSetService and PermissionTicketService. The system checks authorization against the resourceServer client ID provided in the A...
EUVD-2025-202403
Keycloak Admin REST (Representational State Transfer) API does not properly enforce permissions...
CVE-2025-14082 Keycloak-services: keycloak admin rest api: improper access control leads to sensitive role metadata information disclosure
A flaw was found in Keycloak Admin REST (Representational State Transfer) API. This vulnerability allows information disclosure of sensitive role metadata via insufficient authorization checks on the /admin/realms/realm/roles endpoint...
CVE-2020-36866
Nagios XI versions prior to 5.7.3 are vulnerable to cross-site scripting (XSS) via the Manage Users page of the Admin interface. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
EUVD-2010-3868
Malware in sbrugna...
EUVD-2015-7208
Malware in sbrugna...
EUVD-2001-0133
Malware in sbrugna...
EUVD-2019-8850
Malware in sbrugna...
EUVD-2004-1890
Malware in sbrugna...
EUVD-2015-7211
Malware in sbrugna...
EUVD-2008-6670
Malware in sbrugna...
EUVD-2008-3071
Malware in sbrugna...
EUVD-2009-0065
Malware in sbrugna...
EUVD-2004-1892
Malware in sbrugna...
EUVD-2021-23861
Malware in sbrugna...
EUVD-2006-4897
Malware in sbrugna...