CVE-2025-29746

Cross Site Scripting vulnerability in Koillection v.1.6.10 allows a remote attacker to escalate privileges via the collection, Wishlist and album components...

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the collection, Wishlist, and album components. An attacker can escalate privileges by injecting malicious scripts. Details Cross-site scripting or XSS is a code vulnerability that occurs when an attacker...

Jeesns 跨站脚本漏洞

JEESNS is a social management system developed on JAVA's enterprise-level platform. A stored cross-site scripting vulnerability exists in the /member/picture/album component in JEESNS version 1.4.2. The vulnerability can be exploited to execute arbitrary web script or HTML via a specially crafted...

Trovebox SQL Injection Vulnerability

Trovebox is an open source image sharing and management platform. album is one of the album components. A SQL injection vulnerability exists in the album component in Trovebox versions prior to 4.0.0-rc6. A remote attacker can exploit this vulnerability by sending an HTTP request to view, add,...

Joomla Themes Cross Site Scripting / Denial Of Service

Hello list! I want to warn you about Cross-Site Scripting, Full path disclosure, Abuse of Functionality and Denial of Service vulnerabilities in multiple themes and components for Joomla. ------------------------- Affected products: ------------------------- Similarly to vulnerabilities in multip...

Joomla Album 1.14 Directory Traversal

Joomla Component comalbum Directory Traversal Vuln version Album 1.14 Author : DreamTurk mail : [email protected] home page : www.turkguvenligi.info Down : http://www.breedveld.net/index.php?option=comremository&Itemid=193&func=startdown&id=1 exp :...