2464 matches found
PT-2026-35943
A stored cross-site scripting XSS vulnerability in opennebula v6.10.0.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the user information parameter...
Bynder 安全漏洞
Bynder is a brand content management platform used by Bynder Inc. for the centralized management and distribution of digital media assets. Version 0.1.394 of Bynder contains a security vulnerability, which stems from a storage-side cross-site scripting issue. This vulnerability could allow for th...
CVE-2025-70094
A cross-site scripting XSS vulnerability in the Generate Item Barcode function of OpenSourcePOS v3.4.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Item Category parameter...
CVE-2023-43376
A cross-site scripting XSS vulnerability in /hoteldruid/clienti.php of Hoteldruid v3.0.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the nometipotariffa1 parameter...
CVE-2022-23871
Multiple cross-site scripting XSS vulnerabilities in the component outcomesaddProcess.php of Gibbon CMS v22.0.01 allow attackers to execute arbitrary web scripts or HTML via a crafted payload insterted into the name, category, description parameters...
CVE-2022-33009
A stored cross-site scripting XSS vulnerability in LightCMS v1.3.11 allows attackers to execute arbitrary web scripts or HTML via uploading a crafted PDF file...
CVE-2022-33122
A stored cross-site scripting XSS vulnerability in eyoucms v1.5.6 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the URL field under the login page...
CVE-2022-37679
Miniblog.Core v1.0 was discovered to contain a cross-site scripting XSS vulnerability in the component /blog/edit. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Excerpt field...
CVE-2022-31398
A cross-site scripting XSS vulnerability in /staff/tools/custom-fields of Helpdeskz v2.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email name field...
CVE-2022-31358
A reflected cross-site scripting XSS vulnerability in Proxmox Virtual Environment prior to v7.2-3 allows remote attackers to execute arbitrary web scripts or HTML via non-existent endpoints under path /api2/html/...
CVE-2020-23341
A reflected cross site scripting XSS vulnerability in the /header.tmpl.php component of ATutor 2.2.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2025-1324
The WP-Recall – Registration, Profile, Commerce & More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'public-form' shortcode in all versions up to, and including, 16.26.10 due to insufficient input sanitization and output escaping on user supplied attributes...
CVE-2024-2306
The Revslider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via svg upload in all versions up to, and including, 6.6.20 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers to inject arbitrary web scripts in pages that...
CVE-2024-2237
The Premium Addons PRO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Global Badge module in all versions up to, and including, 2.9.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level...
CVE-2024-2655
The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Post widgets in all versions up to, and including, 8.3.5 due to insufficient input sanitization and output escaping on author display names. This makes it possible for authenticated...
EUVD-2020-23987
Malware in sbrugna...
EUVD-2021-24789
Malware in sbrugna...
EUVD-2021-24791
Malware in sbrugna...
EUVD-2021-22058
Malware in sbrugna...
EUVD-2020-23944
Malware in sbrugna...