CVE-2025-40644 Reflected Cross-Site Scripting (XSS) in QRGen's Riftzilla

Reflected Cross-Site Scripting XSS vulnerability in Riftzilla's QRGen. This vulnerability allows an attavker to execute JavaScript code in the victim's browser by sending them a malicious URL using the 'id' parameter in '/article.php'. This vulnerability can be exploited to steal sensitive user...

EUVD-2018-4649

Malware in sbrugna...

EUVD-2025-13482

Malicious code in bioql PyPI...

EUVD-2025-21797

Malicious code in bioql PyPI...

CVE-2025-10434

A vulnerability was identified in IbuyuCMS up to 2.6.3. Impacted is an unknown function of the file /admin/article.php?a=mod of the component Add Article Page. The manipulation of the argument Title leads to cross site scripting. The attack is possible to be carried out remotely. The exploit is...

CVE-2025-10434

A vulnerability was identified in IbuyuCMS up to 2.6.3. Impacted is an unknown function of the file /admin/article.php?a=mod of the component Add Article Page. The manipulation of the argument Title leads to cross site scripting. The attack is possible to be carried out remotely. The exploit is...

CVE-2025-10434 IbuyuCMS Add Article article.php cross site scripting

A vulnerability was identified in IbuyuCMS up to 2.6.3. Impacted is an unknown function of the file /admin/article.php?a=mod of the component Add Article Page. The manipulation of the argument Title leads to cross site scripting. The attack is possible to be carried out remotely. The exploit is...

IbuyuCMS 代码注入漏洞

IbuyuCMS is a content management system of IbuyuCMS open source. A code injection vulnerability exists in IbuyuCMS 2.6.3 and earlier versions, which stems from incorrect manipulation of the parameter Title in the file /admin/article.php, and may lead to cross-site scripting attacks...

PT-2025-37460

Name of the Vulnerable Software and Affected Versions: IbuyuCMS versions up to 2.6.3 Description: A vulnerability exists in IbuyuCMS that allows for cross site scripting. The issue is located in the Add Article Page component, specifically within the file /admin/article.php?a=mod. Manipulation of...

CVE-2025-55409

FoxCMS 1.2.6, there is a Cross Site Scripting vulnerability in /index.php/article. This allows attackers to execute arbitrary code...

CVE-2025-7748

A vulnerability classified as problematic was found in ZCMS 3.6.0. This vulnerability affects unknown code of the component Create Article Page. The manipulation of the argument Title leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public...

CVE-2025-7748

The CVE pertains to ZCMS 3.6.0, specifically the Create Article Page component. The vulnerability arises from improper handling of the Title parameter, enabling cross-site scripting (XSS). It is exploitable remotely and is publicly disclosed. Several connected sources corroborate that manipulatin...

CVE-2025-7748 ZCMS Create Article Page cross site scripting

A vulnerability classified as problematic was found in ZCMS 3.6.0. This vulnerability affects unknown code of the component Create Article Page. The manipulation of the argument Title leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public...

CVE-2025-7748 ZCMS Create Article Page cross site scripting

A vulnerability classified as problematic was found in ZCMS 3.6.0. This vulnerability affects unknown code of the component Create Article Page. The manipulation of the argument Title leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public...

PT-2025-29932 · Zcms · Zcms

Name of the Vulnerable Software and Affected Versions: ZCMS version 3.6.0 Description: A problematic issue exists in ZCMS 3.6.0 within the Create Article Page component. Manipulation of the Title argument can lead to cross-site scripting. The attack can be initiated remotely, and the exploit has...

ZVING ZCMS 代码注入漏洞

ZVING ZCMS Zeyuan Web Content Management System is an enterprise-level web content management software from China Zeyuan Software ZVING Company. A code injection vulnerability exists in ZVING ZCMS version 3.6.0, which originates from improper handling of the parameter Title in the component Creat...

CVE-2024-44839

RapidCMS v1.3.1 was discovered to contain a SQL injection vulnerability via the articleid parameter at /default/article.php...

CVE-2023-30205

A stored cross-site scripting XSS vulnerability in DouPHP v1.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the uniqueid parameter in /admin/article.php...

CVE-2021-36484

SQL injection vulnerability in JIZHICMS 1.9.5 allows attackers to run arbitrary SQL commands via add or edit article page...

CVE-2025-4323

A vulnerability, which was classified as problematic, has been found in MRCMS 3.1.2. Affected by this issue is some unknown functionality of the component Edit Article Page. The manipulation of the argument Title leads to cross site scripting. The attack may be launched remotely. The exploit has...