19 matches found
EUVD-2025-9083
Malicious code in bioql PyPI...
CVE-2025-30902
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ATL Software SRL AEC Kiosque aec-kiosque allows Reflected XSS.This issue affects AEC Kiosque: from n/a through = 1.9.3...
CVE-2025-30902
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ATL Software SRL AEC Kiosque aec-kiosque allows Reflected XSS.This issue affects AEC Kiosque: from n/a through = 1.9.3...
CVE-2025-30902
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ATL Software SRL AEC Kiosque aec-kiosque allows Reflected XSS.This issue affects AEC Kiosque: from n/a through = 1.9.3...
CVE-2025-30902
CVE-2025-30902 is a reflected Cross-Site Scripting in the AEC Kiosque WordPress plugin by ATL Software SRL. Publicly documented impact: Reflected XSS in AEC Kiosque versions up to 1.9.3 (no details for earlier versions). Root cause: Improper Input Neutralization during Web Page Generation. CVSS v...
CVE-2025-30902 WordPress AEC Kiosque plugin <= 1.9.3 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ATL Software SRL AEC Kiosque aec-kiosque allows Reflected XSS.This issue affects AEC Kiosque: from n/a through = 1.9.3...
CVE-2025-30902 WordPress AEC Kiosque plugin <= 1.9.3 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ATL Software SRL AEC Kiosque aec-kiosque allows Reflected XSS.This issue affects AEC Kiosque: from n/a through = 1.9.3...
PT-2025-14066 · Unknown · Aec Kiosque
Name of the Vulnerable Software and Affected Versions: AEC Kiosque versions 1.9.3 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS, which allows Reflected XSS. This means that an attacker can injec...
WordPress plugin AEC Kiosque 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress AEC Kiosque plugin <= 1.9.3 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by stealthcopter in WordPress Plugin AEC Kiosque versions = 1.9.3...
en.aec-collection.com Cross Site Scripting vulnerability OBB-3775399
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Fedora: Security Advisory for golang-github-morikuni-aec (FEDORA-2022-37aef44d1e)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 36 Update: golang-github-morikuni-aec-1.0.0-6.fc36
Go wrapper for ANSI escape code...
Fedora: Security Advisory for golang-github-morikuni-aec (FEDORA-2022-3969b64d4b)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 35 Update: golang-github-morikuni-aec-1.0.0-5.fc35
Go wrapper for ANSI escape code...
Fedora: Security Advisory for golang-github-morikuni-aec (FEDORA-2022-fae3ecee19)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
aec.es XSS vulnerability
Open Bug Bounty ID: OBB-696384 Description| Value ---|--- Affected Website:| aec.es Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| hidden until...
aec-inc.com XSS vulnerability
Open Bug Bounty ID: OBB-459079 Description| Value ---|--- Affected Website:| aec-inc.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat Sheet...
AEC Subscription Manager Component for Mambo / Joomla! 'usage' Parameter SQLi
The version of the AEC Subscription Manager component for Joomla! and Mambo running on the remote host is affected by a SQL injection vulnerability in the acctexp.class.php script due to improper sanitization of user-supplied input to the 'usage' parameter before using it to construct database...