2755 matches found
EUVD-2019-1755
Malware in sbrugna...
EUVD-2021-17145
Malware in sbrugna...
EUVD-2023-54902
Malicious code in bioql PyPI...
EUVD-2024-53502
Malicious code in bioql PyPI...
EUVD-2023-34635
Malicious code in bioql PyPI...
EUVD-2024-2940
Malicious code in bioql PyPI...
CVE-2025-54783
SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. Versions 7.14.6 and below have a Reflected Cross-Site Scripting XSS vulnerability. This vulnerability allows an attacker to execute JavaScript code by modifying the HTTP Referer header to inclu...
CVE-2025-4700
GitLab CVE-2025-4700 affects GitLab CE/EE versions 15.10–18.0.4, 18.1.x before 18.1.3, and 18.2.x before 18.2.1. The issue could allow an attacker to trigger unintended content rendering that leads to Cross-site Scripting (XSS) under certain conditions. The provided documents do not specify the v...
WordPress ThemeREX Addons plugin <= 2.35.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via trx_addons_get_svg_from_file Function vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via trxaddonsgetsvgfromfile Function vulnerability discovered by stealthcopter in WordPress Plugin ThemeREX Addons versions = 2.35.1.1...
CVE-2025-7865
A vulnerability was found in thinkgem JeeSite up to 5.12.0. It has been declared as problematic. This vulnerability affects the function xssFilter of the file src/main/java/com/jeesite/common/codec/EncodeUtils.java of the component XSS Filter. The manipulation of the argument text leads to cross...
CVE-2025-50581
MRCMS v3.1.2 was discovered to contain a cross-site scripting XSS vulnerability via the component /admin/group/save.do...
WordPress Videopack plugin <= 4.10.3 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by 63n0 in WordPress Plugin Videopack versions = 4.10.3...
CVE-2025-53820
WeGIA is an open-source web manager for welfare organizations. A reflected Cross‑Site Scripting (XSS) vulnerability exists in the index.php endpoint before version 3.4.5, exploitable via the erro parameter due to insufficient input escaping/validation. Impact is described as user-injected script ...
PT-2025-27807 · Mediawiki +1 · Mediawiki +1
Name of the Vulnerable Software and Affected Versions: Mediawiki - GoogleDocs4MW Extension versions 1.42.X through 1.42.6 Mediawiki - GoogleDocs4MW Extension versions 1.43.X through 1.43.1 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known...
CVE-2025-27361
CVE-2025-27361 concerns the WordPress plugin “Photo Express for Google” (thhake) with versions
WordPress SB Breadcrumbs plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin SB Breadcrumbs versions = 1.0...
CVE-2025-46910
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...
CVE-2025-47113 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...
CVE-2025-47055
Adobe Experience Manager 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability in vulnerable form fields. A low-privileged attacker can inject malicious JavaScript that may execute in a victim’s browser when visiting a page containing the field. The CVE is documente...
CVE-2025-31638 WordPress Spare <= 1.7 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themeton Spare allows Reflected XSS. This issue affects Spare: from n/a through 1.7...