EUVD-2025-10655

Malicious code in bioql PyPI...

CVE-2025-31026

Cross-Site Request Forgery CSRF vulnerability in Austin Comment Validation Reloaded comment-validation-reloaded allows Stored XSS.This issue affects Comment Validation Reloaded: from n/a through = 0.5...

CVE-2025-31026

Cross-Site Request Forgery CSRF vulnerability in Austin Comment Validation Reloaded comment-validation-reloaded allows Stored XSS.This issue affects Comment Validation Reloaded: from n/a through = 0.5...

CVE-2025-31026 WordPress Comment Validation Reloaded plugin <= 0.5 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Austin Comment Validation Reloaded comment-validation-reloaded allows Stored XSS.This issue affects Comment Validation Reloaded: from n/a through = 0.5...

CVE-2025-31026 WordPress Comment Validation Reloaded plugin <= 0.5 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Austin Comment Validation Reloaded comment-validation-reloaded allows Stored XSS.This issue affects Comment Validation Reloaded: from n/a through = 0.5...

CVE-2025-31026

CVE-2025-31026 is a CSRF-to-Stored XSS issue in the WordPress plugin Comment Validation Reloaded. The vulnerability affects Comment Validation Reloaded versions up to 0.5 (n/a through 0.5). The provided metrics cite CVSS 3.1 base score 7.1 (HIGH) with NETWORK attack vector, LOW confidentiality/in...

WordPress plugin Comment Validation Reloaded 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forgery...

Cross-site Scripting (XSS)

Overview publifycore is a Core engine for the Publify blogging system, formerly known as Typo. Affected versions of this package are vulnerable to Cross-site Scripting XSS due to improper validation of comments, which makes it possible for an attacker to inject an HTML code. PoC: Details Cross-si...

CVE-2018-14802

Fuji Electric FRENIC LOADER v3.3 v7.3.4.1a of FRENIC-Mini C1, FRENIC-Mini C2, FRENIC-Eco, FRENIC-Multi, FRENIC-MEGA, FRENIC-Ace. The program does not properly check user-supplied comments which may allow for arbitrary remote code execution...

emlog code reuse vulnerability, password blasting and other impact-vulnerability warning-the black bar safety net

Brief description: emlog code reuse. You can ignore the CAPTCHA brush comments, ignoring the code to brute force the background. Detailed description: See two days emlog source code is also not white to see it. In the comment when the service side validation of the data code as follows:...

CVE-2006-3756

Cross-site scripting XSS vulnerability in Geeklog 1.4.0sr4 and earlier, and 1.3.11sr6 and earlier, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors when validating comments in 1 lib-comment.php 1.4.0sr4 or 2 comment.php 0.3.11sr6...