CVE-2026-38931

A stored cross-site scripting XSS vulnerability in the /admin/config-module.php component of creatorsofcode simplephp GitHub commit 5184cff Latest as of 2026-02-27 via injecting a crafted payload...

CVE-2026-38931

A stored cross-site scripting XSS vulnerability in the /admin/config-module.php component of creatorsofcode simplephp GitHub commit 5184cff Latest as of 2026-02-27 via injecting a crafted payload...

PT-2026-44039

A stored cross-site scripting XSS vulnerability in the /admin/config-module.php component of creatorsofcode simplephp GitHub commit 5184cff Latest as of 2026-02-27 via injecting a crafted payload...

CVE-2026-38931

CVE-2026-38931 : A stored XSS in the /admin/config-module.php component of creatorsofcode simplephp (GitHub commit 5184cff, latest as of 2026-02-27). According to the CVSS 3.1 data, the impact is limited to confidentiality and integrity (both Low), with no availability impact; access vector is Ne...

CVE-2026-38931

A stored cross-site scripting XSS vulnerability in the /admin/config-module.php component of creatorsofcode simplephp GitHub commit 5184cff Latest as of 2026-02-27 via injecting a crafted payload...

CVE-2025-55202

Opencast is a free, open-source platform to support the management of educational audio and video content. In version 18.0 and versions before 17.7, the protections against path traversal attacks in the UI config module are insufficient, still partially allowing for attacks in very specific cases...

CVE-2025-55202

Opencast is a free, open-source platform to support the management of educational audio and video content. In version 18.0 and versions before 17.7, the protections against path traversal attacks in the UI config module are insufficient, still partially allowing for attacks in very specific cases...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from a vulnerability in the USB:config module...

KubeEdge Cloud Stream and Edge Stream DoS from large stream message

Impact The Cloud Stream server and the Edge Stream server reads the entire message into memory without imposing a limit on the size of this message. An attacker can exploit this by sending a large message to exhaust memory and cause a DoS. The Cloud Stream server and the Edge Stream server are...

antSword

This is a comprehensive analysis of the provided code and metadata from the AntSword repository. Classification: Exploit module/toolkit targeting web applications Primary CVE ID: Not specified Target product/service or framework: Web applications Vulnerability class/vector: Not specified Probable...

PT-2017-3154 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.13.6 Description: The issue is caused by an out-of-bounds operation in memory within the Linux kernel, specifically in the drivers/usb/core/config.c file. This can be exploited by an attacker using a specially...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the old and new interfaces in Viprinet Multichannel VPN Router 300 allow remote attackers to inject arbitrary web script or HTML via the username when 1 logging in or 2 creating an account in the old interface, 3 username when creating an accou...

CVE-2014-2045

Multiple cross-site scripting XSS vulnerabilities in the old and new interfaces in Viprinet Multichannel VPN Router 300 allow remote attackers to inject arbitrary web script or HTML via the username when 1 logging in or 2 creating an account in the old interface, 3 username when creating an accou...

CVE-2014-2045

CVE-2014-2045 affects Viprinet Multichannel VPN Router 300. The issue is multiple cross‑site scripting (XSS) vulnerabilities in both the device’s old and new web interfaces, exploitable via crafted usernames or other parameters (e.g., hostname, config inspect, atcommands, ping tool). Exploitation...

CVE-2014-2045

Multiple cross-site scripting XSS vulnerabilities in the old and new interfaces in Viprinet Multichannel VPN Router 300 allow remote attackers to inject arbitrary web script or HTML via the username when 1 logging in or 2 creating an account in the old interface, 3 username when creating an accou...