8 matches found
CVE-2021-41663
A cross-site scripting XSS vulnerability exists in Mini CMS V1.11. The vulnerability exists in the article upload: post-edit.php page...
CVE-2026-21430
CVE-2026-21430 concerns Emlog, an open source website builder. The issue, reported in version 2.5.23, is a CSRF flaw in the article creation function. An attacker could force a user to publish an article containing arbitrary content, and when combined with stored XSS, this can lead to an account ...
EUVD-2021-28675
Malicious code in bioql PyPI...
CVE-2025-9406
A vulnerability is identified in xuhuisheng lemon up to 1.13.0 affecting the uploadImage function in CmsArticleController.java (com.mossle.cms.web.CmsArticleController.uploadImage). The Upload argument is manipulated to enable unrestricted uploads, with remote initiation and a publicly available ...
VulnCheck KEV: CVE-2023-27587
ReadtoMyShoe, a web app that lets users upload articles and listen to them later, generates an error message containing sensitive information prior to commit 8533b01. If an error occurs when adding an article, the website shows the user an error message. If the error originates from the Google...
CVE-2021-41663
A cross-site scripting XSS vulnerability exists in Mini CMS V1.11. The vulnerability exists in the article upload: post-edit.php page...
CVE-2021-41663
A cross-site scripting XSS vulnerability exists in Mini CMS V1.11. The vulnerability exists in the article upload: post-edit.php page...
CVE-2021-41663
A cross-site scripting XSS vulnerability exists in Mini CMS V1.11. The vulnerability exists in the article upload: post-edit.php page...