7 matches found
CVE-2018-10023
Catfish CMS V4.7.21 allows XSS via the pinglun parameter to cat/index/index/pinglun aka an authenticated comment...
EUVD-2022-2480
Malicious code in bioql PyPI...
GHSA-52XR-WX26-9RFG GeniXCMS Cross-site Scripting (XSS)
GeniXCMS 1.0.2 has XSS triggered by an authenticated comment that is mishandled during a mouse operation by an administrator...
Stars Rating < 3.5.1 - Comments Denial of Service
The plugin does not validate the submitted rating, allowing submission of a long integer, which causes a Denial of Service in the comments section or in the pending comment dashboard, depending on whether the user sent it unauthenticated or authenticated. Enable rating for a post/page, add a comment, capture the...
Cross site scripting
Catfish CMS V4.7.21 allows XSS via the pinglun parameter to cat/index/index/pinglun aka an authenticated comment...
CVE-2017-8376
GeniXCMS 1.0.2 has XSS triggered by an authenticated comment that is mishandled during a mouse operation by an administrator...
CVE-2017-8376
GeniXCMS 1.0.2 is reported to have an authenticated XSS vulnerability triggered by mishandling of a comment during a mouse operation by an administrator. The flaw affects the CMS when processing a comment in an authenticated context; no remediation or fix version is provided in the connected docu...