39 matches found
CVE-2026-27469
Isso is a lightweight commenting server written in Python and JavaScript. In commits before 0afbfe0691ee237963e8fb0b2ee01c9e55ca2144, there is a stored Cross-Site Scripting (XSS) vulnerability affecting the website and author comment fields. The website field was HTML-escaped using quote=False, whi...
Isso security vulnerability
Isso is an open-source comment server developed by Isso Comments. It has a security vulnerability that stems from insufficient sanitization and escaping of the website and author comment fields. This vulnerability may lead to stored cross-site scripting attacks...
EUVD-2017-16924
Malware in sbrugna...
EUVD-2020-7584
Malware in sbrugna...
EUVD-2007-1427
Malware in sbrugna...
EUVD-2006-2834
Malware in sbrugna...
CVE-2020-15597
SOPlanning 1.46.01 allows persistent XSS via the Project Name, Statutes Comment, Places Comment, or Resources Comment field...
CVE-2017-18215
xvpng.c in xv 3.10a has memory corruption (out-of-bounds write) when decoding PNG comment fields, leading to crashes or potentially code execution, because it uses an incorrect length value...
CVE-2024-0830
The Comments Extra Fields For Post,Pages and CPT plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.0. This is due to missing or incorrect nonce validation on several ajax actions. This makes it possible for unauthenticated attackers to invoke...
CVE-2024-0829
The Comments Extra Fields For Post,Pages and CPT plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 5.0. This is due to missing or incorrect capability checks on several ajax actions. This makes it possible for authenticated attackers, with subscribe...
CVE-2021-39473
Saibamen HotelManager v1.2 is vulnerable to Cross Site Scripting (XSS) due to improper sanitization of comment and contact fields...
Cross site scripting
Saibamen HotelManager v1.2 is vulnerable to Cross Site Scripting (XSS) due to improper sanitization of comment and contact fields...
M-Files Hubshare cross-site scripting vulnerability
M-Files Hubshare is a collaboration solution from M-Files, Inc. designed to seamlessly share files, documents and collaborative content. A security vulnerability exists in M-Files Hubshare versions prior to 3.3.10.9, which stems from incorrect input validation and output encoding of all of its...
WP Comments Fields < 4.1 - Admin+ Stored Cross-Site Scripting
The plugin does not escape Field Error Message, which could allow high-privileged users to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed. Create/edit a Comment Fields (Comments > Comment Fields) and put the following payload in the Error Message setting: "autofocus...
CVE-2020-15597
SOPlanning 1.46.01 allows persistent XSS via the Project Name, Statutes Comment, Places Comment, or Resources Comment field...
Scientific Linux Security Update : fence-agents on SL7.x x86_64 (20190806)
fence-agents: mis-handling of non-ASCII characters in guest comment fields (CVE-2019-10153) (C) Tenable Network Security, Inc. The descriptive text is (C) Scientific Linux. include('compat.inc'); if (description) { script_id(128217); script_version("1.4"); script_set_attribute(attribute:"plugin_modification_date",...
RHEL 7 : fence-agents (RHSA-2019:2037)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:2037 advisory. The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable...
Memory corruption
xvpng.c in xv 3.10a has memory corruption (out-of-bounds write) when decoding PNG comment fields, leading to crashes or potentially code execution, because it uses an incorrect length value...