5 matches found
EUVD-2025-26190
Malicious code in bioql PyPI...
CVE-2025-9646
A security flaw has been discovered in O2OA up to 10.0-410. This vulnerability affects unknown code of the file /xorganizationassemblepersonal/jaxrs/definition/calendarConfig. The manipulation of the argument toMonthViewName results in cross site scripting. The attack can be launched remotely. Th...
CVE-2025-9646
A security flaw has been discovered in O2OA up to 10.0-410. This vulnerability affects unknown code of the file /xorganizationassemblepersonal/jaxrs/definition/calendarConfig. The manipulation of the argument toMonthViewName results in cross site scripting. The attack can be launched remotely. Th...
CVE-2025-9646 O2OA calendarConfig cross site scripting
A security flaw has been discovered in O2OA up to 10.0-410. This vulnerability affects unknown code of the file /xorganizationassemblepersonal/jaxrs/definition/calendarConfig. The manipulation of the argument toMonthViewName results in cross site scripting. The attack can be launched remotely. Th...
WordPress Booking Calendar Contact Form 1.0.23 CSRF / XSS
Exploit Title: Wordpress booking calendar contact form =v1.0.23 - Privilege escalation / stored XSS vulnerabilities Date: 2016-02-08 Google Dork: Index of /wp-content/plugins/booking-calendar-contact-form Exploit Author: Joaquin Ramirez Martinez i0 SEC-LABORATORY Vendor Homepage:...