3862 matches found
Liferay Portal和Liferay DXP 跨站请求伪造漏洞
Liferay Portal and Liferay DXP are both products of Liferay, Inc.Liferay Portal is a J2EE-based portal solution. The solution uses technologies such as EJB as well as JMS, and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DX...
EUVD-2025-33257
A weakness has been identified in code-projects Online Complaint Site 1.0. Impacted is an unknown function of the file /cms/users/complaint-details.php. Executing manipulation of the argument cid can lead to sql injection. It is possible to launch the attack remotely. The exploit has been made...
CVE-2025-60299
Novel-Plus with 5.2.0 was discovered to contain a Stored Cross-Site Scripting XSS vulnerability via the /book/addCommentReply endpoint. An authenticated user can inject malicious JavaScript through the replyContent parameter when replying to a book comment. The payload is stored in the database a...
CVE-2025-60299
Novel-Plus with 5.2.0 was discovered to contain a Stored Cross-Site Scripting XSS vulnerability via the /book/addCommentReply endpoint. An authenticated user can inject malicious JavaScript through the replyContent parameter when replying to a book comment. The payload is stored in the database a...
CVE-2025-60299
CVE-2025-60299 affects Novel-Plus version 5.2.0 with a stored XSS in the /book/addCommentReply endpoint. An authenticated user can inject JavaScript via the replyContent parameter when replying to a book comment; the payload is stored in the database and executes in other users’ browsers viewing ...
CVE-2025-60299
Novel-Plus with 5.2.0 was discovered to contain a Stored Cross-Site Scripting XSS vulnerability via the /book/addCommentReply endpoint. An authenticated user can inject malicious JavaScript through the replyContent parameter when replying to a book comment. The payload is stored in the database a...
PT-2025-41256
Name of the Vulnerable Software and Affected Versions Novel-Plus version 5.2.0 Description An authenticated user can inject malicious JavaScript through the replyContent parameter when replying to a book comment via the /book/addCommentReply endpoint. The malicious payload is stored in the databa...
CVE-2025-60299
Novel-Plus with 5.2.0 was discovered to contain a Stored Cross-Site Scripting XSS vulnerability via the /book/addCommentReply endpoint. An authenticated user can inject malicious JavaScript through the replyContent parameter when replying to a book comment. The payload is stored in the database a...
EUVD-2025-33177
Novel-Plus with 5.2.0 was discovered to contain a Stored Cross-Site Scripting XSS vulnerability via the /book/addCommentReply endpoint. An authenticated user can inject malicious JavaScript through the replyContent parameter when replying to a book comment. The payload is stored in the database a...
CVE-2025-11276
A security flaw has been discovered in Rebuild up to 4.1.3. Affected by this issue is some unknown functionality of the component Comment/Guestbook. Performing manipulation results in cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 4.1.4 can resolve this...
EUVD-2010-1628
Malware in sbrugna...
EUVD-2015-6875
Malware in sbrugna...
EUVD-2010-4340
Malware in sbrugna...
EUVD-2019-10959
Malware in sbrugna...
EUVD-2005-1502
Malware in sbrugna...
EUVD-2011-4234
Malware in sbrugna...
EUVD-2008-2962
Malware in sbrugna...
EUVD-2020-24139
Malware in sbrugna...
EUVD-2019-19127
Malware in sbrugna...
EUVD-2008-4713
Malware in sbrugna...