EUVD-2025-2794

Malicious code in bioql PyPI...

CVE-2025-22514

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Yamna Khawaja KNR Author List Widget knr-author-list-widget allows Reflected XSS.This issue affects KNR Author List Widget: from n/a through = 3.1.1...

CVE-2025-22514

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Yamna Khawaja KNR Author List Widget knr-author-list-widget allows Reflected XSS.This issue affects KNR Author List Widget: from n/a through = 3.1.1...

CVE-2025-22514 WordPress Axact Author List Widget Plugin <= 3.1.1 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Yamna Tatheer KNR Author List Widget allows Reflected XSS.This issue affects KNR Author List Widget: from n/a through 3.1.1...

CVE-2025-22514

CVE-2025-22514 corresponds to a reflected Cross-Site Scripting vulnerability in KNR Axact Author List Widget (KNR Author List Widget). Connected Red Hat entry and other sources confirm the affected product as KNR Author List Widget and list the issue as Reflected XSS, affecting versions from n/a ...

WordPress plugin KNR Author List Widget 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

PT-2025-4507 · Unknown · Yamna Tatheer Knr Author List Widget

Name of the Vulnerable Software and Affected Versions: Yamna Tatheer KNR Author List Widget versions n/a through 3.1.1 Description: The issue is related to an Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS, which allows Reflected XSS. This can ...

WordPress Axact Author List Widget Plugin <= 3.1.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin KNR Author List Widget versions = 3.1.1...

CVE-2024-24014

A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. An attacker can pass crafted offset, limit, and sort parameters to perform SQL injection via /novel/author/list...

Novel-Plus SQL Injection Vulnerability

Novel-Plus is an online social reading and writing platform from Novel-Plus, Inc. An SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and earlier versions, which stems from an SQL injection vulnerability in the path /novel/author/list...

PT-2024-20233 · Unknown · Novel-Plus

Name of the Vulnerable Software and Affected Versions: Novel-Plus versions 4.3.0-RC1 and prior Description: A SQL injection issue exists, allowing an attacker to perform SQL injection by passing crafted offset, limit, and sort parameters via the "/novel/author/list" API endpoint. Recommendations:...

novel-plus SQL注入漏洞

novel-plus novel boutique-plus is a multi-end PC, WAP reading, functional original literature CMS system. novel-plus version 3.6.2 suffers from a SQL injection vulnerability, which originates from a problem with the file /author/list?limit=10&offset=0&order=desc, where the operation of the...

PT-2023-17435 · Unknown · Novel-Plus

Name of the Vulnerable Software and Affected Versions: novel-plus version 3.6.2 Description: A critical issue affects the processing of the file "/author/list?limit=10&offset=0&order=desc". The manipulation of the sort argument leads to SQL injection. This issue can be exploited remotely...

WordPress KNR Author List Widget plugin <= 2.0.0 - SQL Injection Vulnerability

No description provided by source. Exploit Title: WordPress KNR Author List Widget plugin = 2.0.0 SQL Injection Vulnerability Date: 2011-09-06 Author: Miroslav Stampar miroslav.stamparatgmail.com @stamparm Software Link: http://downloads.wordpress.org/plugin/knr-author-list-widget.zip Version:...

WordPress Plugin KNR Author List Widget 2.0.0 - SQL Injection

WordPress Plugin KNR Author List Widget 2.0.0 - SQL Injection Exploit Title: WordPress KNR Author List Widget plugin 1,BENCHMARK5000000,MD5CHAR115,113,108,109,97,112,0 --------------- Vulnerable code --------------- foreach $GET'listItem' as $position = $item : $iterSql = "UPDATE $wpdb-users SET...

WordPress KNR Author List Widget Plugin <= 2.0.0 - SQL Injection

KNR Author List Widget plugin is prone to an SQL injection. This vulnerability allows an attacker to modify data, alter queries to the application SQL database, compromise the access and application or exploit hidden vulnerabilities in the underlying database. Solution Upgrade the plugin...

WordPress KNR Author List Widget 2.0.0 SQL Injection

Exploit Title: WordPress KNR Author List Widget plugin 1,BENCHMARK5000000,MD5CHAR115,113,108,109,97,112,0 --------------- Vulnerable code --------------- foreach $GET'listItem' as $position = $item : $iterSql = "UPDATE $wpdb-users SET knrauthororder = $position WHERE ID = $item";...

WordPress Plugin KNR Author List Widget 2.0.0 - SQL Injection

Exploit Title: WordPress KNR Author List Widget plugin 1,BENCHMARK5000000,MD5CHAR115,113,108,109,97,112,0 --------------- Vulnerable code --------------- foreach $GET'listItem' as $position = $item : $iterSql = "UPDATE $wpdb-users SET knrauthororder = $position WHERE ID = $item";...

WordPress KNR Author List Widget plugin <= 2.0.0 SQL Injection

Exploit for php platform in category web applications Exploit Title: WordPress KNR Author List Widget plugin 1,BENCHMARK5000000,MD5CHAR115,113,108,109,97,112,0 --------------- Vulnerable code --------------- foreach $GET'listItem' as $position = $item : $iterSql = "UPDATE $wpdb-users SET...