13 matches found
EUVD-2026-35795
Ellucian Banner Self-Service before the April T2 release 2025-04-23 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to execute arbitrary JavaScript in a victim's browser by injecting unsanitized input through the toDateFormat request parameter in the...
Ellucian Banner Self-Service 跨站脚本漏洞
Ellucian Banner Self-Service is a higher education self-service platform developed by the American company Ellucian. Versions of Ellucian Banner Self-Service prior to 2025-04-23 had a cross-site scripting vulnerability. This vulnerability stemmed from the lack of proper cleaning of the input...
PT-2026-48219
Name of the Vulnerable Software and Affected Versions Ellucian Banner Self-Service versions prior to April T2 release 2025-04-23 Description A reflected cross-site scripting issue exists where unauthenticated attackers can execute arbitrary JavaScript in a victim's browser. This is achieved by...
EUVD-2025-11114
Malicious code in bioql PyPI...
CVE-2025-26950
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in AddonsPress Nepali Date Converter nepali-date-converter allows Stored XSS.This issue affects Nepali Date Converter: from n/a through = 2.0.8...
CVE-2025-26950
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in AddonsPress Nepali Date Converter nepali-date-converter allows Stored XSS.This issue affects Nepali Date Converter: from n/a through = 2.0.8...
CVE-2025-26950
CVE-2025-26950 corresponds to a stored cross-site scripting (XSS) vulnerability in Nepali Date Converter (AddonsPress) that affects versions from 0 through 2.0.8. The issue is caused by improper neutralization of input during web page generation, enabling stored XSS. Public references (Patchstack...
CVE-2025-26950 WordPress Nepali Date Converter plugin <= 2.0.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in AddonsPress Nepali Date Converter nepali-date-converter allows Stored XSS.This issue affects Nepali Date Converter: from n/a through = 2.0.8...
CVE-2025-26950 WordPress Nepali Date Converter plugin <= 2.0.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in AddonsPress Nepali Date Converter nepali-date-converter allows Stored XSS.This issue affects Nepali Date Converter: from n/a through = 2.0.8...
WordPress plugin Nepali Date Converter 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress Nepali Date Converter plugin <= 2.0.8 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by muhammad yudha Patchstack Alliance in WordPress Plugin Nepali Date Converter versions = 2.0.8...
Joomla Component com_dateconverter 0.1 - SQL Injection Vulnerability
No description provided by source. ----------------------------------------------------------------------------------------- Joomla Component comdateconverter SQL Injection Vulnerability -----------------------------------------------------------------------------------------...
Joomla! Component com_dateconverter 0.1 - SQL Injection
Joomla! Component comdateconverter 0.1 - SQL Injection ----------------------------------------------------------------------------------------- Joomla Component comdateconverter SQL Injection Vulnerability -----------------------------------------------------------------------------------------...