CVE-2025-50574

Cross-site scripting XSS vulnerability in blog-details.php in Hiruna Gallage's Glamour Salon Management System v1 allows remote attackers to inject arbitrary web script or HTML via the blog comment section parameter...

CVE-2025-50574

CVE-2025-50574 is an XSS vulnerability affecting the Glamour Salon Management System v1, specifically in the blog-details.php component. The issue arises from insufficient input filtering on the blog comment section parameter, allowing remote attackers to inject arbitrary script or HTML. Multiple...

CVE-2025-50574

Cross-site scripting XSS vulnerability in blog-details.php in Hiruna Gallage's Glamour Salon Management System v1 allows remote attackers to inject arbitrary web script or HTML via the blog comment section parameter...

Glamour Salon Management System 安全漏洞

Glamour Salon Management System is a salon management system by the individual developer Hiruna Gallage. A security vulnerability exists in Glamour Salon Management System v1, which stems from the blog comment section parameter in blog-details.php not being filtered correctly, which could lead to...

EUVD-2025-36523

IPFire versions prior to 2.29 Core Update 198 contain a stored cross-site scripting XSS vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the SRC, DST, and COMMENT parameters when creating a time constraint rule. When a user adds a time constraint rul...

CVE-2025-34314 IPFire < v2.29 Stored XSS via Time Constraint Rule URL Filter

IPFire versions prior to 2.29 Core Update 198 contain a stored cross-site scripting XSS vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the SRC, DST, and COMMENT parameters when creating a time constraint rule. When a user adds a time constraint rul...

PT-2025-44173

Name of the Vulnerable Software and Affected Versions IPFire versions prior to 2.29 Core Update 198 Description The software contains a stored cross-site scripting XSS issue that allows an authenticated attacker to inject arbitrary JavaScript code. This is achieved by manipulating the SRC, DST, a...

CVE-2025-60859

Cross Site Scripting XSS vulnerability in Gnuboard 5.6.15 allows authenticated attackers to execute arbitrary code via crafted cid parameter in bbs/viewcomment.php...

EUVD-2012-3996

Malware in sbrugna...

EUVD-2011-5085

Malware in sbrugna...

EUVD-2018-17142

Malware in sbrugna...

EUVD-2007-1985

Malware in sbrugna...

EUVD-2023-40199

Malicious code in bioql PyPI...

EUVD-2022-33731

Malicious code in bioql PyPI...

EUVD-2022-37149

Malicious code in bioql PyPI...

EUVD-2022-33735

Malicious code in bioql PyPI...

EUVD-2022-33736

Malicious code in bioql PyPI...

EUVD-2022-33730

Malicious code in bioql PyPI...

EUVD-2022-33732

Malicious code in bioql PyPI...

CVE-2025-53926 Emlog has Stored Cross-site Scripting vulnerability due to error

Emlog is an open source website building system. A cross-site scripting XSS vulnerability in emlog up to and including pro-2.5.17 allows remote attackers to inject arbitrary web script or HTML via the comment and comname parameters. Reflected XSS requires the victim to send POST requests, therefo...