UBUNTU-CVE-2025-70128

A Stored Cross-Site Scripting XSS vulnerability exists in the PluXml article comments feature for PluXml versions 5.8.22 and earlier. The application fails to properly sanitize or validate user-supplied input in the "link" field of a comment. An attacker can inject arbitrary JavaScript code using...

CVE-2025-70128

A Stored Cross-Site Scripting XSS vulnerability exists in the PluXml article comments feature for PluXml versions 5.8.22 and earlier. The application fails to properly sanitize or validate user-supplied input in the "link" field of a comment. An attacker can inject arbitrary JavaScript code using...

CVE-2025-10811

A flaw has been found in code-projects Hostel Management System 1.0. This affects an unknown function of the file /justines/admin/modcomments/index.php?view=view. Executing manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been...

CVE-2025-10811

CVE-2025-10811 concerns code-projects Hostel Management System 1.0. The vulnerability is a SQL injection in the parameter ID of the file /justines/admin/mod_comments/index.php?view=view, caused by lack of input validation. Attacks could be executed remotely and data theft is possible; exploitatio...

CVE-2020-25751

The paGO Commerce plugin 2.5.9.0 for Joomla! allows SQL Injection via the administrator/index.php?option=compago&view=comments filterpublished parameter...

lolcounter.com XSS vulnerability

Open Bug Bounty ID: OBB-189006 Description| Value ---|--- Affected Website:| lolcounter.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...