15 matches found
CVE-2026-34382
Admidio (open-source user management) has a CSRF protection issue in the delete mode handler of mylist_function.php. From version 5.0.0 up to 5.0.7, deleting list configurations could occur without validating a CSRF token, allowing an authenticated user’s page to silently destroy their own list c...
CVE-2026-34382 Admidio: Missing CSRF Protection on Custom List Deletion in mylist_function.php
Admidio is an open-source user management solution. From version 5.0.0 to before version 5.0.8, the delete mode handler in mylistfunction.php permanently deletes list configurations without validating a CSRF token. An attacker who can lure an authenticated user to a malicious page can silently...
CVE-2025-23808
Cross-Site Request Forgery CSRF vulnerability in Dutch van Andel Custom List Table Example custom-list-table-example allows Reflected XSS.This issue affects Custom List Table Example: from n/a through = 1.4.1...
EUVD-2025-3440
Malicious code in bioql PyPI...
CVE-2025-23808
Cross-Site Request Forgery CSRF vulnerability in Dutch van Andel Custom List Table Example custom-list-table-example allows Reflected XSS.This issue affects Custom List Table Example: from n/a through = 1.4.1...
CVE-2025-23808 WordPress Custom List Table Example Plugin <=1.4.1 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Dutch van Andel Custom List Table Example custom-list-table-example allows Reflected XSS.This issue affects Custom List Table Example: from n/a through = 1.4.1...
CVE-2025-23808 WordPress Custom List Table Example Plugin <=1.4.1 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Dutch van Andel Custom List Table Example custom-list-table-example allows Reflected XSS.This issue affects Custom List Table Example: from n/a through = 1.4.1...
CVE-2025-23808
CVE-2025-23808 affects the WordPress plugin Custom List Table Example. The issue is described as CSRF leading to a reflected XSS, with a CVSS v3.1 base score of 7.1 (HIGH). Exploitation details, affected versions (from n/a through 1.4.1), and the reported status indicate this is a CSRF-to-reflect...
WordPress Custom List Table Example Plugin <=1.4.1 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability
CSRF to Reflected Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 in WordPress Plugin Custom List Table Example versions = 1.4.1...
WordPress plugin Custom List Table Example 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in PHP. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site request forgery vulnerability exists in WordPress plugin Custom Li...
CVE-2023-27149
A stored cross-site scripting XSS vulnerability in Enhancesoft osTicket v1.17.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Label input parameter when updating a custom list...
CVE-2023-27149
A stored cross-site scripting XSS vulnerability in Enhancesoft osTicket v1.17.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Label input parameter when updating a custom list...
Cross site scripting
A stored cross-site scripting XSS vulnerability in Enhancesoft osTicket v1.17.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Label input parameter when updating a custom list...
PT-2023-20974 · Enhancesoft · Osticket
Name of the Vulnerable Software and Affected Versions: Enhancesoft osTicket version 1.17.2 Description: A stored cross-site scripting XSS vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Label input parameter when updating a custom...
CVE-2023-27149
A stored cross-site scripting XSS vulnerability in Enhancesoft osTicket v1.17.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Label input parameter when updating a custom list...