30 matches found

CNNVD
added 2026/04/21 12:0 a.m. · 3 views

mailcow: dockerized security vulnerability

mailcow: dockerized is a Dockerized version of the mailcow open-source application. Versions before 2026-03b of mailcow have security vulnerabilities; these vulnerabilities stem from a second-level SQL injection in the quarantinecategory field, which may allow arbitrary SQL executions and the...

CVSS 7.2 · AI score 6.2 · EPSS 0.00073
Exploits: 0 · References: 1

Github Security Blog
added 2026/04/06 6:33 p.m. · 5 views

Feehi CMS has authenticated stored cross-site scripting (XSS) vulnerabilities via the Permissions module

Multiple authenticated stored cross-site scripting (XSS) vulnerabilities in the Permissions module of Feehi CMS v2.1.1 allow attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Group, Category or Description parameters...

CVSS 5.4 · AI score 6 · EPSS 0.00029
Exploits: 1 · References: 4 · Affected Software: 1

Cvelist
added 2026/04/06 12:0 a.m. · 24 views

CVE-2026-31354

Multiple authenticated stored cross-site scripting (XSS) vulnerabilities in the Permissions module of Feehi CMS v2.1.1 allow attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Group, Category or Description parameters...

EPSS 0.00029
Exploits: 1 · References: 2

EUVD
added 2026/03/21 6:31 p.m. · 3 views

EUVD-2019-19899

Kepler Wallpaper Script 1.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code into the category parameter. Attackers can send GET requests to the category endpoint with URL-encoded SQL UNION statements to...

CVSS 8.8 · AI score 6.2 · EPSS 0.00109
Exploits: 1 · References: 5

NVD
added 2026/02/15 2:16 p.m. · 5 views

CVE-2019-25373

OPNsense 19.1 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted input to the category parameter. Attackers can send POST requests to firewall_rules_edit.php with script payloads in the category field to execute...

CVSS 6.4 · EPSS 0.00037
Exploits: 1 · References: 4

ATTACKERKB
added 2026/02/15 1:58 p.m. · 5 views

CVE-2019-25373

OPNsense 19.1 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted input to the category parameter. Attackers can send POST requests to firewall_rules_edit.php with script payloads in the category field to execute...

CVSS 6.4 · AI score 5.5 · EPSS 0.00037
Exploits: 1 · References: 4 · Affected Software: 1

Cvelist
added 2026/02/15 1:58 p.m. · 28 views

CVE-2019-25373 OPNsense 19.1 Stored XSS via firewall_rules_edit.php

OPNsense 19.1 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted input to the category parameter. Attackers can send POST requests to firewall_rules_edit.php with script payloads in the category field to execute...

CVSS 6.4 · EPSS 0.00037
Exploits: 1 · References: 4

RedhatCVE
added 2026/01/09 11:29 a.m. · 6 views

CVE-2021-27822

A persistent cross-site scripting (XSS) vulnerability in the Add Categories module of Vehicle Parking Management System 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Category field...

CVSS 4.8 · AI score 5.8 · EPSS 0.00207
Exploits: 1 · References: 1

CNNVD
added 2025/10/27 12:0 a.m. · 2 views

Code-Projects Simple Food Ordering System code injection vulnerability

Simple Food Ordering System is a simple food ordering system. Simple Food Ordering System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameter pname/category/price in the file /addproduct.php, which c...

CVSS 6.1 · AI score 5.9 · EPSS 0.00038
Exploits: 1 · References: 6

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2021-14561

Malware in sbrugna...

CVSS 4.8 · AI score 5.2 · EPSS 0.00207
Exploits: 1 · References: 2

ATTACKERKB
added 2023/09/11 6:15 p.m. · 1 views

CVE-2023-41593

Multiple cross-site scripting (XSS) vulnerabilities in Dairy Farm Shop Management System Using PHP and MySQL v1.1 allow attackers to execute arbitrary web scripts and HTML via a crafted payload injected into the Category and Category Field parameters...

CVSS 5.4 · AI score 6.2 · EPSS 0.00452
Exploits: 0 · References: 6

OSV
added 2023/09/11 6:15 p.m. · 1 views

CVE-2023-41593

Multiple cross-site scripting (XSS) vulnerabilities in Dairy Farm Shop Management System Using PHP and MySQL v1.1 allow attackers to execute arbitrary web scripts and HTML via a crafted payload injected into the Category and Category Field parameters...

CVSS 5.4 · AI score 5.9 · EPSS 0.00452
Exploits: 0 · References: 4

Prion
added 2023/09/11 6:15 p.m. · 14 views

Cross site scripting

Multiple cross-site scripting (XSS) vulnerabilities in Dairy Farm Shop Management System Using PHP and MySQL v1.1 allow attackers to execute arbitrary web scripts and HTML via a crafted payload injected into the Category and Category Field parameters...

CVSS 4.9 · AI score 5.4 · EPSS 0.00452
Exploits: 0 · References: 4 · Affected Software: 1

Cvelist
added 2023/09/11 12:0 a.m. · 12 views

CVE-2023-41593

Multiple cross-site scripting (XSS) vulnerabilities in Dairy Farm Shop Management System Using PHP and MySQL v1.1 allow attackers to execute arbitrary web scripts and HTML via a crafted payload injected into the Category and Category Field parameters...

AI score 5.6 · EPSS 0.00452
Exploits: 0 · References: 4

CNNVD
added 2023/09/11 12:0 a.m. · 3 views

Dairy Farm Shop Management System Cross-Site Scripting Vulnerability

Dairy Farm Shop Management System is a Dairy Farm Shop Management System by Anuj Kumar Personal Developer. A security vulnerability exists in Dairy Farm Shop Management System v1.1. An attacker can exploit this vulnerability to execute arbitrary web script and HTML by injecting a specially crafte...

CVSS 5.4 · AI score 6.9 · EPSS 0.00452
Exploits: 0 · References: 5

Prion
added 2023/05/08 2:15 p.m. · 11 views

Cross site scripting

Cross Site Scripting (XSS) vulnerability in MIPCMS 3.6.0 allows attackers to execute arbitrary code via the category name field to categoryEdit...

CVSS 4.3 · AI score 5.2 · EPSS 0.00378
Exploits: 1 · References: 2 · Affected Software: 1

OSV
added 2023/04/05 6:30 p.m. · 19 views

GHSA-XXM6-FF3X-V4VM thorsten/phpmyfaq vulnerable to stored cross-site scripting (XSS) via category field name parameter

thorsten/phpmyfaq prior to 3.1.12 is vulnerable to stored cross-site scripting (XSS) because it fails to sanitize user input in the category field name parameter. This has been fixed in 3.1.12...

CVSS 6.3 · AI score 5.6 · EPSS 0.00201
Exploits: 1 · References: 4

Github Security Blog
added 2023/04/05 6:30 p.m. · 27 views

thorsten/phpmyfaq vulnerable to stored cross-site scripting (XSS) via category field name parameter

thorsten/phpmyfaq prior to 3.1.12 is vulnerable to stored cross-site scripting (XSS) because it fails to sanitize user input in the category field name parameter. This has been fixed in 3.1.12...

CVSS 6.3 · AI score 5 · EPSS 0.00201
Exploits: 1 · References: 4 · Affected Software: 1

Positive Technologies
added 2023/04/05 12:0 a.m. · 2 views

PT-2023-17313 · Unknown · Thorsten/Phpmyfaq

Name of the Vulnerable Software and Affected Versions: thorsten/phpmyfaq versions prior to 3.1.12. Description: The issue is related to stored Cross-site Scripting (XSS) due to the failure to sanitize user input in the category field name parameter. This allows for the storage of malicious scripts...

CVSS 6.3 · AI score 5.4 · EPSS 0.00201
Exploits: 1 · References: 7

Huntr
added 2023/02/14 2:28 p.m. · 16 views

stored XSS in the Category Field Name

Hello, after all XSS mitigations, I detected an XSS bypass possibility in the naming of the category. Let's see: ----------------- A stored XSS through this payload. Thank you for watching :...

CVSS 4.9 · AI score 5.2 · EPSS 0.00201
Exploits: 1 · References: 1