12 matches found
CVE-2019-7169
A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker to execute HTML or JavaScript code in a vulnerable Title field to /admin/menus/menus/edit/3...
CVE-2019-7173
A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker to execute HTML or JavaScript code in a vulnerable Title field to /admin/file-manager/attachments/edit/4...
CVE-2019-7171
A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker to execute HTML or JavaScript code in a vulnerable Title field to /admin/blocks/blocks/edit/8...
EUVD-2024-47705
Malicious code in bioql PyPI...
EUVD-2022-2122
Malicious code in bioql PyPI...
EUVD-2022-1310
Malicious code in bioql PyPI...
CVE-2019-7170
A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker to execute HTML or JavaScript code in a vulnerable Title field to /admin/taxonomy/vocabularies...
GHSA-847X-X4JG-6GF4 croogo Host header injection
An issue in croogo v.3.0.2 allows an attacker to perform Host header injection via the feed.rss component...
CVE-2024-29643
An issue in croogo v.3.0.2 allows an attacker to perform Host header injection via the feed.rss component...
CVE-2024-29643
An issue in croogo v.3.0.2 allows an attacker to perform Host header injection via the feed.rss component...
CVE-2024-29643
An issue in croogo v.3.0.2 allows an attacker to perform Host header injection via the feed.rss component...
CVE-2024-29643
An issue in croogo v.3.0.2 allows an attacker to perform Host header injection via the feed.rss component...