EUVD-2017-5241

Malware in sbrugna...

EUVD-2025-24130

Malicious code in bioql PyPI...

CVE-2025-10388 Selleo Mentingo Create New Course Basic Settings enroll-course cross site scripting

A vulnerability was identified in Selleo Mentingo 2025.08.27. This issue affects some unknown processing of the file /api/course/enroll-course of the component Create New Course Basic Settings. Such manipulation of the argument Description leads to cross site scripting. The attack can be launched...

PT-2025-37398

Name of the Vulnerable Software and Affected Versions: Selleo Mentingo version 2025.08.27 Description: A cross-site scripting issue exists due to manipulation of the Description argument in the processing of the /api/course/enroll-course endpoint within the Create New Course Basic Settings...

CVE-2025-8834

A vulnerability has been found in JCG Link-net LW-N915R 17s.20.001.908. Affected is an unknown function of the file /wireless/basic.asp of the component Wireless Basic Settings Page. The manipulation of the argument Network Name leads to cross site scripting. It is possible to launch the attack...

CVE-2025-8765

A vulnerability classified as problematic was found in Datacom DM955 5GT 1200 825.8010.00. Affected by this vulnerability is an unknown functionality of the component Wireless Basic Settings. The manipulation of the argument SSID leads to cross site scripting. The attack can be launched remotely...

CVE-2025-8834

A vulnerability has been found in JCG Link-net LW-N915R 17s.20.001.908. Affected is an unknown function of the file /wireless/basic.asp of the component Wireless Basic Settings Page. The manipulation of the argument Network Name leads to cross site scripting. It is possible to launch the attack...

CVE-2025-8834 JCG Link-net LW-N915R Wireless Basic Settings basic.asp cross site scripting

A vulnerability has been found in JCG Link-net LW-N915R 17s.20.001.908. Affected is an unknown function of the file /wireless/basic.asp of the component Wireless Basic Settings Page. The manipulation of the argument Network Name leads to cross site scripting. It is possible to launch the attack...

CVE-2025-8834 JCG Link-net LW-N915R Wireless Basic Settings basic.asp cross site scripting

A vulnerability has been found in JCG Link-net LW-N915R 17s.20.001.908. Affected is an unknown function of the file /wireless/basic.asp of the component Wireless Basic Settings Page. The manipulation of the argument Network Name leads to cross site scripting. It is possible to launch the attack...

CVE-2025-8834

The CVE-2025-8834 entry concerns JCG Link-net LW-N915R (firmware 17s.20.001.908) and affects the Wireless Basic Settings Page (/wireless/basic.asp). The issue is an input handling flaw in the Network Name parameter that enables cross-site scripting (XSS). Exploitation is described as remote; atta...

PT-2025-32524 · Jcg · Jcg Link-Net Lw-N915R

Name of the Vulnerable Software and Affected Versions: JCG Link-net LW-N915R version 17s.20.001.908 Description: A vulnerability exists in the Wireless Basic Settings Page component of JCG Link-net LW-N915R version 17s.20.001.908. Manipulation of the Network Name argument in the /wireless/basic.a...

CVE-2025-8765

A vulnerability classified as problematic was found in Datacom DM955 5GT 1200 825.8010.00. Affected by this vulnerability is an unknown functionality of the component Wireless Basic Settings. The manipulation of the argument SSID leads to cross site scripting. The attack can be launched remotely...

CVE-2025-8765 Datacom DM955 5GT 1200 Wireless Basic Settings cross site scripting

A vulnerability classified as problematic was found in Datacom DM955 5GT 1200 825.8010.00. Affected by this vulnerability is an unknown functionality of the component Wireless Basic Settings. The manipulation of the argument SSID leads to cross site scripting. The attack can be launched remotely...

CVE-2025-8765

CVE-2025-8765 affects Datacom DM955 5GT 1200 (825.8010.00) and is due to manipulation of the SSID parameter in Wireless Basic Settings, enabling reflected cross-site scripting. The vulnerability is exploitable remotely and exploitation has been disclosed publicly. Impact is limited to confidentia...

CVE-2025-8765 Datacom DM955 5GT 1200 Wireless Basic Settings cross site scripting

A vulnerability classified as problematic was found in Datacom DM955 5GT 1200 825.8010.00. Affected by this vulnerability is an unknown functionality of the component Wireless Basic Settings. The manipulation of the argument SSID leads to cross site scripting. The attack can be launched remotely...

CVE-2021-35248

It has been reported that any Orion user, e.g. guest accounts can query the Orion.UserSettings entity and enumerate users and their basic settings...

CVE-2021-35248 Unrestricted access to Orion.UserSettings SWIS entity for low-privilege users

It has been reported that any Orion user, e.g. guest accounts can query the Orion.UserSettings entity and enumerate users and their basic settings...

Solarwinds Orion Platform访问控制错误漏洞

Solarwinds Orion Platform is a network fault and network performance management platform from Solarwinds, Inc. The platform provides real-time monitoring and analysis of network devices, as well as support for customized web interfaces, multiple user opinions, and a mapped view of the entire...

Special Text Boxes <= 5.9.109 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise or escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed. Put the following payload in any of the field in the 'Basic Settings' section of the plugin's setting...

CVE-2020-20699

A cross site scripting XSS vulnerability in S-CMS PHP v3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the Copyright text box under Basic Settings...