CVE-2026-6990

A vulnerability was found in projeto-siga siga 11.0.3.18. The affected element is an unknown function of the file /sigawf/app/responsavel/novo. Performing a manipulation of the argument Nome/Descrição results in cross site scripting. The attack can be initiated remotely. The exploit has been made...

Projectworlds Lawyer Management System 代码注入漏洞

The Projectworlds Lawyer Management System is an open-source lawyer management system developed by Projectworlds. Version 1.0 of the Projectworlds Lawyer Management System contains a code injection vulnerability. This vulnerability stems from incorrect handling of the parameter “Description” in t...

CVE-2025-62358

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, the log parameter in configuracaogeral.php is vulnerable to Reflected Cross-Site Scripting XSS. An attacker can inject arbitrary JavaScript, which executes in the victim’s browser. This...

Russian FSB Cross Site Scripting

/! - VULNERABILITY: Cross Site Scripting Federal Security Service of the Russian Federation - Authenticated Persistent XSS - GOOGLE DORK: inurl:fsb.ru/fsb/sh.htm?query= - DATE: 2024-11-29 - SECURITY RESEARCHER: E1.Coders - VENDOR: FSB http://www.fsb.ru/ - SOFTWARE LINK: http://www.fsb.ru/ - CVSS:...

xepcoh.info Cross Site Scripting vulnerability OBB-3958783

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

llm.net.tw Cross Site Scripting vulnerability OBB-3953735

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2024-41354

phpipam 1.6 is vulnerable to Cross Site Scripting XSS via /app/admin/widgets/edit.php...

afg.sk Cross Site Scripting vulnerability OBB-3950773

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2024-41355

phpipam 1.6 is vulnerable to Cross Site Scripting XSS via /app/tools/request-ip/index.php...

CVE-2024-41357

phpipam 1.6 is vulnerable to Cross Site Scripting XSS via /app/admin/powerDNS/record-edit.php...

CVE-2024-41356

phpipam 1.6 is vulnerable to Cross Site Scripting XSS via app\admin\firewall-zones\zones-edit-network.php...

CVE-2024-41353

phpipam 1.6 is vulnerable to Cross Site Scripting XSS via app\admin\groups\edit-group.php...

CVE-2024-41354

phpipam 1.6 is vulnerable to Cross Site Scripting XSS via /app/admin/widgets/edit.php...

CVE-2024-41355

The CVE-2024-41355 entry concerns phpipam 1.6 and a Cross Site Scripting (XSS) vulnerability exploitable through /app/tools/request-ip/index.php. The connected sources confirm the affected product and endpoint but do not provide details on root cause, exploitability status, or a patch/remediation...

CVE-2024-6938

SiYuan 3.1.0 is affected by CVE-2024-6938 in the PDF Handler’s PDF.js functionality. The vulnerability enables cross-site scripting via the PDF.js component, with remote exploitation possible. The PT-2024-37976 entry confirms this affects SiYuan 3.1.0 and attributes the issue to the PDF.js file w...

workbench.sdsc.edu Cross Site Scripting vulnerability OBB-3947811

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

tubbytodd.com.xx3.kz Cross Site Scripting vulnerability OBB-3947322

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

mykts.com Cross Site Scripting vulnerability OBB-3946316

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

carmf.fr Cross Site Scripting vulnerability OBB-3940408

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2024-6374 lahirudanushka School Management System Subject Page subject.php cross site scripting

A vulnerability was found in lahirudanushka School Management System 1.0.0/1.0.1 and classified as problematic. This issue affects some unknown processing of the file /subject.php of the component Subject Page. The manipulation of the argument Subject Title/Sybillus Details leads to cross site...