EUVD-2025-28376

Malicious code in bioql PyPI...

CVE-2025-50859

Reflected Cross-Site Scripting in the Change Template function in Easy Hosting Control Panel EHCP 20.04.1.b allows authenticated attackers to execute arbitrary JavaScript via the template parameter...

CVE-2025-50859

Reflected Cross-Site Scripting in the Change Template function in Easy Hosting Control Panel EHCP 20.04.1.b allows authenticated attackers to execute arbitrary JavaScript via the template parameter...

CVE-2025-50859

Reflected Cross-Site Scripting in the Change Template function in Easy Hosting Control Panel EHCP 20.04.1.b allows authenticated attackers to execute arbitrary JavaScript via the template parameter...

CVE-2025-50859

Reflected Cross-Site Scripting in the Change Template function in Easy Hosting Control Panel EHCP 20.04.1.b allows authenticated attackers to execute arbitrary JavaScript via the template parameter...

CVE-2025-50859

CVE-2025-50859 affects Easy Hosting Control Panel (EHCP) 20.04.1.b and is a reflected cross-site scripting vulnerability in the Change Template function. An authenticated user can supply a crafted template parameter to trigger arbitrary JavaScript execution, with impact described as partial in so...

CVE-2025-50859

Reflected Cross-Site Scripting in the Change Template function in Easy Hosting Control Panel EHCP 20.04.1.b allows authenticated attackers to execute arbitrary JavaScript via the template parameter...

📄 Easy Hosting Control Panel 20.04.1.b Cross Site Scripting

Easy Hosting Control Panel version 20.04.1.b suffers from a cross site scripting vulnerability in the ftpusername parameter. This enables the attacker to inject malicious JavaScript payloads, leading to session hijacking, redirection to malicious sites, defacement, or other actions performed in t...

CVE-2024-3711

The Brizy – Page Builder plugin for WordPress is vulnerable to unauthorized plugin setting update due to a missing capability check on the functions actionrequestdisable, actionchangetemplate, and actionrequestenable in all versions up to, and including, 2.4.43. This makes it possible for...

PT-2024-27305 · WordPress · Brizy

Name of the Vulnerable Software and Affected Versions: Brizy – Page Builder plugin for WordPress versions up to, and including, 2.4.43 Description: The issue is related to a missing capability check on the functions action request disable, action change template, and action request enable. This...

XOOPS Cube Legacy cross-site scripting vulnerability

Overview XOOPS Cube Legacy from XOOPS Cube Project contains a cross-site scripting vulnerability. XOOPS Cube Legacy from XOOPS Cube Project is an open source contents management system. XOOPS Cube Legacy contains a cross-site scripting vulnerability. According to the developers, a XOOPS Cube Lega...