21 matches found
EUVD-2021-17557
Malware in sbrugna...
EUVD-2022-51748
Malicious code in bioql PyPI...
CVE-2024-27558
Stupid Simple CMS 1.2.4 is vulnerable to Cross Site Scripting XSS within the blog title of the settings...
CVE-2021-30637
htmly 2.8.0 allows stored XSS via the blog title, Tagline, or Description to config.html.php...
CVE-2012-1227
Multiple cross-site request forgery CSRF vulnerabilities in admin.php in pluck 4.7 allow remote attackers to hijack the authentication of admins for requests that 1 modify the admin email address or 2 modify the blog title via a settings action; 3 add a page via an editpage action, or 4 add a...
HTMLy Version v2.9.6 - Stored XSS
Exploit Title: HTMLy Version v2.9.6 - Stored XSS Exploit Author: tmrswrr Vendor Homepage: https://www.htmly.com/ Version 3.10.8.21 Date : 04/08/2024 1 Login admin https://127.0.0.1/HTMLy/admin/config 2 General Setting Blog title " 3 After save it you will be see XSS alert...
HTMLy 2.9.6 Cross Site Scripting
Exploit Title: HTMLy Version : 2.9.6 - Stored XSS Exploit Author: tmrswrr Vendor Homepage: https://www.htmly.com/ Version 3.10.8.21 Date : 04/08/2024 1 Login admin https://127.0.0.1/HTMLy/admin/config 2 General Setting Blog title " 3 After save it you will be see xss alert...
CVE-2024-27558
Stupid Simple CMS 1.2.4 is vulnerable to Cross Site Scripting XSS within the blog title of the settings...
CVE-2024-27558
Stupid Simple CMS 1.2.4 is vulnerable to Cross Site Scripting XSS within the blog title of the settings...
Cross site scripting
Stupid Simple CMS 1.2.4 is vulnerable to Cross Site Scripting XSS within the blog title of the settings...
CVE-2024-27558
Stupid Simple CMS 1.2.4 is vulnerable to Cross Site Scripting XSS within the blog title of the settings...
CVE-2024-27558
Stupid Simple CMS 1.2.4 is vulnerable to Cross Site Scripting XSS within the blog title of the settings...
CVE-2021-30637
htmly 2.8.0 allows stored XSS via the blog title, Tagline, or Description to config.html.php...
CVE-2021-30637
CVE-2021-30637 affects htmly 2.8.0, allowing stored XSS via the blog title, Tagline, or Description submitted to config.html.php. The root cause is unescaped user input stored and later reflected, enabling script execution in affected pages. Public writeups and exploits exist (e.g., PacketStorm/E...
MojoPortal Cross-Site Scripting Vulnerability (CNVD-2018-05173)
mojoPortal is an American programmer Joe Audette developed a set of open source , object-oriented Web site architecture WSF and content management system CMS, it provides event calendar , photo albums , file manager and so on. A cross-site scripting vulnerability exists in the Title and Subtitle...
CVE-2012-1227
Multiple cross-site request forgery CSRF vulnerabilities in admin.php in pluck 4.7 allow remote attackers to hijack the authentication of admins for requests that 1 modify the admin email address or 2 modify the blog title via a settings action; 3 add a page via an editpage action, or 4 add a...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in admin.php in pluck 4.7 allow remote attackers to hijack the authentication of admins for requests that 1 modify the admin email address or 2 modify the blog title via a settings action; 3 add a page via an editpage action, or 4 add a...
CVE-2012-1227
Multiple cross-site request forgery CSRF vulnerabilities in admin.php in pluck 4.7 allow remote attackers to hijack the authentication of admins for requests that 1 modify the admin email address or 2 modify the blog title via a settings action; 3 add a page via an editpage action, or 4 add a...
CVE-2011-1504
Cross-site scripting XSS vulnerability in Liferay Portal Community Edition CE 5.x and 6.x before 6.0.6 GA allows remote authenticated users to inject arbitrary web script or HTML via a blog title...
Cross site scripting
Cross-site scripting XSS vulnerability in Liferay Portal Community Edition CE 5.x and 6.x before 6.0.6 GA allows remote authenticated users to inject arbitrary web script or HTML via a blog title...