EUVD-2025-3844

Malicious code in bioql PyPI...

CVE-2025-24646

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in icopydoc XML for Avito xml-for-avito allows Reflected XSS.This issue affects XML for Avito: from n/a through = 2.5.2...

CVE-2025-24646

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in icopydoc XML for Avito xml-for-avito allows Reflected XSS.This issue affects XML for Avito: from n/a through = 2.5.2...

CVE-2025-24646 WordPress XML for Avito Plugin <= 2.5.2 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in icopydoc XML for Avito xml-for-avito allows Reflected XSS.This issue affects XML for Avito: from n/a through = 2.5.2...

WordPress plugin XML for Avito 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site...

PT-2025-5470 · Unknown · Xml For Avito

Name of the Vulnerable Software and Affected Versions: XML for Avito versions prior to 2.5.2 Description: The issue is related to improper neutralization of input during web page generation, which allows for Cross-site Scripting XSS attacks, specifically Reflected XSS. This means that an attacker...

WordPress XML for Avito Plugin <= 2.5.2 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Le Ngoc Anh in WordPress Plugin XML for Avito versions = 2.5.2...

MAL-2022-1186 Malicious code in avito (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 754d4412e0c50adbdfbad633f62c8c1edb7c4405299a828af25e873130b1ce16 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in avito (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 754d4412e0c50adbdfbad633f62c8c1edb7c4405299a828af25e873130b1ce16 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Avito: link.avito.ru - Bypass of restrictions on external links.

Hello Avito! On "link.avito.ru" subdomain of "www.avito.ru" attacker able to bypass restriction for dangerous external links via trusted domain google.com. This scenario may be also possible with all other trusted subdomains of avito such as "yandex.ru" and so on, but in this example i'm used...

Avito: reflected XSS avito.ru

Привет, авито Я нашел у вас хсс. 1. Переходим по этой ссылке https://www.avito.ru/sankt-peterburg?verifyUserLocation=1login?next=javascript:alert;// 2. Логинимся через ОК, ВК и т.д. 3. XSS выполнена. Impact XSS...

Avito - Exported ContentProvider, MIT license, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Avito published at the 'play' market has multiple vulnerabilities...