EUVD-2022-55990

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the backend/mailingLog/manage module. The datecreated, datefrom, dateto, and createdat parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via crafted...

Denial Of Service (DoS)

getgrav/grav is vulnerable to a Denial of Service DoS. The vulnerability is due to insufficient sanitization of the scheduledat parameter, which allows an attacker to inject malicious cron expressions e.g., a single quote and disrupt the admin panel functionality, leading to a denial of service...

PT-2025-48562

Name of the Vulnerable Software and Affected Versions Grav versions prior to 1.8.0-beta.27 Description Grav is susceptible to a Denial of Service DoS condition due to improper input sanitization of the scheduled at parameter when processing cron expressions. Manipulating this parameter with...

DEBIAN-CVE-2017-12583

DokuWiki through 2017-02-19b has XSS in the at parameter aka the DATEAT variable to doku.php...

UBUNTU-CVE-2017-12583

DokuWiki through 2017-02-19b has XSS in the at parameter aka the DATEAT variable to doku.php...