EUVD-2017-1248

Malware in sbrugna...

EUVD-2022-45072

Malicious code in bioql PyPI...

CVE-2025-43818

Cross-site scripting XSS vulnerability in the Calendar widget in Liferay Portal 7.4.3.35 through 7.4.3.110, and Liferay DXP 2023.Q4.0 through 2023.Q4.4, 2023.Q3.1 through 2023.Q3.6, 7.4 update 35 through update 92, and 7.3 update 25 through update 36 allows remote attackers to inject arbitrary we...

CVE-2022-41968

Nextcloud Server is an open source personal cloud server. Prior to versions 23.0.10 and 24.0.5, calendar name lengths are not validated before writing to a database. As a result, an attacker can send unnecessary amounts of data against the database. Version 23.0.10 and 24.0.5 contain patches for...

Nextcloud 资源管理错误漏洞

Nextcloud is a suite of open source, self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A resource management error vulnerability exists in Nextcloud Server versions prior to 23.0.10, and prior to 24.0.5, which stems from a calendar name lengt...

PT-2022-26191 · Nextcloud +1 · Nextcloud Server +1

Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions prior to 23.0.10 Nextcloud Server versions prior to 24.0.5 Description: The issue arises from the lack of validation of calendar name lengths before they are written to a database. This allows an attacker to send...

Nextcloud: Calendar name length not validated before writing to database

Security advisory at https://github.com/nextcloud/security-advisories/security/advisories/GHSA-m92j-xxc8-hq3v...

CVE-2020-9371

Stored XSS exists in the Appointment Booking Calendar plugin before 1.3.35 for WordPress. In the cpabcappointments.php file, the Calendar Name input could allow attackers to inject arbitrary JavaScript or HTML...

Cross site scripting

Stored XSS exists in the Appointment Booking Calendar plugin before 1.3.35 for WordPress. In the cpabcappointments.php file, the Calendar Name input could allow attackers to inject arbitrary JavaScript or HTML...