CVE-2019-14548

An issue was discovered in EspoCRM before 5.6.9. Stored XSS in the body of an Article was executed when a victim opens articles received through mail. This Article can be formed by an attacker using the Knowledge Base feature in the tab list. The attacker could inject malicious JavaScript inside...

CVE-2018-10758

The edit/ URI in Datenstrom Yellow 0.7.3 has CSRF via a delete action that can delete articles...

CVE-2017-1001001

PluXml version 5.6 is vulnerable to stored cross-site scripting vulnerability, within the article creation page, which can result in escalation of privileges...

CVE-2010-4905

SQL injection vulnerability in articledetails.php in Softbiz Article Directory Script allows remote attackers to execute arbitrary SQL commands via the sbizid parameter...

Malicious code in pro-article-context (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 30d5ce94037caccdc08f9aa0d0b4e3c7ad2d0aa541b93fafeba6db855b86b2d4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

emlog SQL注入漏洞

emlog is emlog open source PHP and MySQL based on a set of CMS website builder . emlog 2.5.9 and previous versions exist SQL injection vulnerability , the vulnerability stems from admin/articlesave.php in the $origContent parameter is not strictly filtered , which may lead to SQL injection and...

2025-05 Cumulative Update for Windows 10 Version 1507 for x86-based Systems (KB5058387)

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...

Uncontrolled Recursion

Overview llama-index-readers-web is a llama-index readers web integration Affected versions of this package are vulnerable to Uncontrolled Recursion due to improper handling of the maxdepth parameter in the getarticleurls function. An attacker can exhaust system resources and crash the applicatio...

CVE-2025-4323

A vulnerability, which was classified as problematic, has been found in MRCMS 3.1.2. Affected by this issue is some unknown functionality of the component Edit Article Page. The manipulation of the argument Title leads to cross site scripting. The attack may be launched remotely. The exploit has...

CVE-2025-4323

A vulnerability, which was classified as problematic, has been found in MRCMS 3.1.2. Affected by this issue is some unknown functionality of the component Edit Article Page. The manipulation of the argument Title leads to cross site scripting. The attack may be launched remotely. The exploit has...

CVE-2025-4323

A vulnerability, which was classified as problematic, has been found in MRCMS 3.1.2. Affected by this issue is some unknown functionality of the component Edit Article Page. The manipulation of the argument Title leads to cross site scripting. The attack may be launched remotely. The exploit has...

CVE-2025-4323 MRCMS Edit Article Page cross site scripting

A vulnerability, which was classified as problematic, has been found in MRCMS 3.1.2. Affected by this issue is some unknown functionality of the component Edit Article Page. The manipulation of the argument Title leads to cross site scripting. The attack may be launched remotely. The exploit has...

CVE-2025-4323 MRCMS Edit Article Page cross site scripting

A vulnerability, which was classified as problematic, has been found in MRCMS 3.1.2. Affected by this issue is some unknown functionality of the component Edit Article Page. The manipulation of the argument Title leads to cross site scripting. The attack may be launched remotely. The exploit has...

CVE-2025-4323

MRCMS 3.1.2 is affected in the Edit Article Page component. The vulnerability arises from improper handling of the Title argument, enabling cross-site scripting (XSS). The issue potentially allows remote exploitation, and public disclosure of the exploit is noted. Practical impact is XSS in the a...

Cross-Site Scripting (XSS)

org.opencms, opencms-core is vulnerable to Cross Site Scripting XSS. The vulnerability is due to improper input sanitization in the Create/Modify article function, allowing JavaScript injection via the image title sub-field...

MRCMS 代码注入漏洞

MRCMS is a content management system by marker personal developer. A code injection vulnerability exists in MRCMS version 3.1.2, which stems from improper manipulation of the parameter Title in the component Edit Article Page, which could lead to a cross-site scripting attack...

PT-2025-19836 · Mrcms · Mrcms

Name of the Vulnerable Software and Affected Versions: MRCMS version 3.1.2 Description: A problematic issue has been found in the Edit Article Page component. The manipulation of the Title argument leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed ...

Cross-site Scripting (XSS)

org.opencms, opencms-core is vulnerable to stored cross-site scripting XSS. The vulnerability is due to improper handling of the author parameter under the Create/Modify article function, allowing attackers to inject arbitrary web scripts or HTML via a crafted payload...

CVE-2025-3967

A vulnerability was found in itwanger paicoding 1.0.3. It has been classified as critical. This affects an unknown part of the file /article/api/post of the component Article Handler. The manipulation of the argument articleId leads to improper authorization. It is possible to initiate the attack...

CVE-2025-3967

CVE-2025-3967 affects itwanger paicoding 1.0.3, impacting the /article/api/post endpoint of the Article Handler. The vulnerability arises from improper authorization when manipulating the articleId parameter, enabling a remote attack. Several sources confirm the issue and its potential for public...