14 matches found
CVE-2026-33673 PrestaShop has multiple stored XSS vulnerabilities via unprotected Template variables
PrestaShop is an open source e-commerce web application. Versions prior to 8.2.5 and 9.1.0 are vulnerable to stored Cross-Site Scripting (stored XSS) vulnerabilities in the back office (BO). An attacker who can inject data into the database, via limited back-office access or a previously existing vulnerability,...
EUVD-2023-57353
Malicious code in bioql PyPI...
EUVD-2023-48523
Malicious code in bioql PyPI...
EUVD-2023-48525
Malicious code in bioql PyPI...
EUVD-2023-49440
Malicious code in bioql PyPI...
CVE-2023-50864 Travel Website v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
Travel Website v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'hotelId' parameter of the hotelDetails.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-49677
Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'cmbQual' parameter of the Employer/InsertJob.php resource does not validate the characters received and they are sent unfiltered to the database...
Nagios XI Local Elevation of Privilege Vulnerability
Nagios XI is a commercial monitoring solution built on Nagios Core, including dashboards, web-based configuration, advanced reporting, and rich data visualization. A local elevation of privilege vulnerability exists in versions of Nagios XI prior to 5.8.5. The vulnerability stems from cleaner.php...
CVE-2021-37349
Nagios XI before version 5.8.5 is vulnerable to local privilege escalation because cleaner.php does not sanitise input read from the database...
CVE-2021-37349
Nagios XI before version 5.8.5 is vulnerable to local privilege escalation because cleaner.php does not sanitise input read from the database...
Nagios XI Security Vulnerability
Nagios XI is a commercial monitoring solution built on Nagios Core, including dashboards, web-based configuration, advanced reporting, and rich data visualization. A local elevation of privilege vulnerability exists in versions of Nagios XI prior to 5.8.5. The vulnerability stems from cleaner.php...
zzzphp SQL Injection Vulnerability
zzzphp is a free, open source site-building system aimed mainly at webmasters; it requires no authorization and can be used commercially free of charge. A SQL injection vulnerability exists in zzzphp v1.8.0; the vulnerability stems from the lack of database-based applications to validate...
SolarWinds Network Performance Monitor SQL Injection Vulnerability
SolarWinds Network Performance Monitor (NPM) is a network performance monitor from SolarWinds, Inc. that provides monitoring and reporting, tracking of up/down status, real-time analytics, and network performance statistics for routers, virtualized environments, and other devices. A SQL injection...
Cisco Prime Collaboration Provisioning Tool Cross-Site Scripting Vulnerability (CNVD-2018-05347)
The Cisco Prime Collaboration Provisioning Tool is a set of Web-based, next-generation communications services tools from Cisco. The tool provides IP communication service capabilities for IP telephony, voice mail, and unified communications environments. The User Provisioning tab is one of the us...