CVE-2025-53926 Emlog has Stored Cross-site Scripting vulnerability due to error

Emlog is an open source website building system. A cross-site scripting XSS vulnerability in emlog up to and including pro-2.5.17 allows remote attackers to inject arbitrary web script or HTML via the comment and comname parameters. Reflected XSS requires the victim to send POST requests, therefo...

emlog 跨站脚本漏洞

emlog is emlog open source a PHP and MySQL based CMS website builder. A cross-site scripting vulnerability exists in emlog pro-2.5.17 and earlier versions, which stems from insufficient cleanup of the comment and comname parameters and could lead to a remote attacker injecting reflective cross-si...

CVE-2024-30989

Cross Site Scripting vulnerability in /edit-client-details.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code via the "cname", "comname", "state" and "city" parameter...

CVE-2024-30989

Cross Site Scripting vulnerability in /edit-client-details.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code via the "cname", "comname", "state" and "city" parameter...

Phpgurukul Client Management System 跨站脚本漏洞

Phpgurukul Client Management System is a client management system from the US-based PHPGurukul, Inc. A cross-site scripting vulnerability exists in the Phpgurukul Client Management System, which originates from cross-site scripting in edit-client-details.php that allows an attacker to execute...

CVE-2024-30989

CVE-2024-30989 affects the phpgurukul Client Management System (PHP & MySQL 1.1). A cross-site scripting vulnerability exists in /edit-client-details.php that allows attackers to execute arbitrary code through the cname, comname, state, and city parameters. The connected documents do not specify ...

WordPress plugin WP Photo Album stores cross-site scripting vulnerabilities

WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress plugin WP Photo Album. Due to the lack of user-supplied filters for scripts passed to the...