37 matches found
CVE-2026-9271 KeepInMind - Dashboard Notes < 0.8.4.2 - Contributor+ Stored XSS
Vulnerability Title...
CVE-2026-9271
Technical details for CVE-2026-9271 are not publicly available in the provided documents. Monitor for updates from official sources to obtain affected products, impact, and remediation.
CVE-2026-9271 KeepInMind - Dashboard Notes < 0.8.4.2 - Contributor+ Stored XSS
Vulnerability Title...
CVE-2021-47855
Openlitespeed 1.7.9 contains a stored cross-site scripting vulnerability in the dashboard's Notes parameter that allows administrators to inject malicious scripts. Attackers can craft a payload in the Notes field during listener configuration that will execute when an administrator clicks on the...
CVE-2021-47855
Openlitespeed 1.7.9 contains a stored cross-site scripting vulnerability in the dashboard's Notes parameter that allows administrators to inject malicious scripts. Attackers can craft a payload in the Notes field during listener configuration that will execute when an administrator clicks on the...
CVE-2021-47855 Openlitespeed 1.7.9 - 'Notes' Stored Cross-Site Scripting
Openlitespeed 1.7.9 contains a stored cross-site scripting vulnerability in the dashboard's Notes parameter that allows administrators to inject malicious scripts. Attackers can craft a payload in the Notes field during listener configuration that will execute when an administrator clicks on the...
EUVD-2026-3632
Openlitespeed 1.7.9 contains a stored cross-site scripting vulnerability in the dashboard's Notes parameter that allows administrators to inject malicious scripts. Attackers can craft a payload in the Notes field during listener configuration that will execute when an administrator clicks on the...
Litespeed Technologie OpenLiteSpeed Cross-Site Script Vulnerability
Litespeed Technologie OpenLiteSpeed is an open-source web server developed by Litespeed Technologie. Version 1.7.9 of Litespeed Technologie OpenLiteSpeed contains a cross-site scripting vulnerability. This vulnerability stems from a stored-cross-site scripting vulnerability in the dashboard’s Not...
PT-2026-3808
Openlitespeed 1.7.9 contains a stored cross-site scripting vulnerability in the dashboard's Notes parameter that allows administrators to inject malicious scripts. Attackers can craft a payload in the Notes field during listener configuration that will execute when an administrator clicks on the...
EUVD-2024-40121
Malicious code in bioql PyPI...
EUVD-2025-31773
Malicious code in bioql PyPI...
CVE-2025-56392
An Insecure Direct Object Reference IDOR in the /dashboard/notes endpoint of Syaqui Collegetivity v1.0.0 allows attackers to impersonate other users and perform arbitrary operations via a crafted POST request...
CVE-2025-56392
An Insecure Direct Object Reference IDOR in the /dashboard/notes endpoint of Syaqui Collegetivity v1.0.0 allows attackers to impersonate other users and perform arbitrary operations via a crafted POST request...
CVE-2025-56392
An Insecure Direct Object Reference IDOR in the /dashboard/notes endpoint of Syaqui Collegetivity v1.0.0 allows attackers to impersonate other users and perform arbitrary operations via a crafted POST request...
CVE-2025-56392
An Insecure Direct Object Reference IDOR in the /dashboard/notes endpoint of Syaqui Collegetivity v1.0.0 allows attackers to impersonate other users and perform arbitrary operations via a crafted POST request...
CVE-2025-56392
Summary: CVE-2025-56392 affects Syaqui Collegetivity v1.0.0 and is caused by an insecure direct object reference in the /dashboard/notes API endpoint. An attacker can impersonate other users and perform arbitrary operations by sending a crafted POST request. Affected software/component: Syaqui Co...
Collegetivity 安全漏洞
Collegetivity is a university student activity system by the individual developer Syauqizaidan Khairan Khalaf. A security vulnerability exists in Collegetivity version 1.0.0, which stems from the presence of an insecure direct object reference in the /dashboard/notes endpoint, which could allow a...
CVE-2025-56392
An Insecure Direct Object Reference IDOR in the /dashboard/notes endpoint of Syaqui Collegetivity v1.0.0 allows attackers to impersonate other users and perform arbitrary operations via a crafted POST request...
PT-2025-40024
Name of the Vulnerable Software and Affected Versions Syaqui Collegetivity version 1.0.0 Description An Insecure Direct Object Reference IDOR exists in the /dashboard/notes API endpoint. This allows attackers to impersonate other users and perform unauthorized actions by sending a specially craft...
CVE-2024-43226
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Jeroen Sormani WP Dashboard Notes allows Stored XSS.This issue affects WP Dashboard Notes: from n/a through 1.0.11...