PT-2026-28694

Name of the Vulnerable Software and Affected Versions code-projects Social Networking Site version 1.0 Description A cross site scripting issue exists due to the manipulation of the content argument within an unknown function of the file '/home.php' of the Alert Handler component. Remote...

Cross-site Scripting (XSS)

Overview concrete5/concrete5 is a concrete5 open source CMS. Affected versions of this package are vulnerable to Cross-site Scripting XSS through the Save function. An attacker with page editing privileges can inject malicious HTML content by manipulating the content argument. Details Cross-site...

PT-2024-17560 · Jfinalcms · Jfinalcms

Name of the Vulnerable Software and Affected Versions: JFinalCMS version 1.0 Description: The issue is related to incorrect code generation management in the Template Handler component of the JFinalCMS system. Exploitation of this issue may allow a remote attacker to execute arbitrary code. The...

Cross site scripting

A vulnerability has been found in RRJ Nueva Ecija Engineer Online Portal 1.0 and classified as problematic. This vulnerability affects unknown code of the file teachermessage.php of the component Create Message Handler. The manipulation of the argument Content with the input alertx leads to cross...

PT-2022-9011 · Unknown · Annyshow Duxcms

Name of the Vulnerable Software and Affected Versions: annyshow DuxCMS version 2.1 Description: A vulnerability was found in the file admin.php&r=article/AdminContent/edit of the component Article Handler. The manipulation of the content argument leads to cross-site scripting. It is possible to...