SUSE CVE-2026-29192

ZITADEL is an open source identity management platform. From version 4.0.0 to 4.11.1, a vulnerability in Zitadel's login V2 interface was discovered that allowed a possible account takeover via Default URI Redirect. This issue has been patched in version 4.12.0...

CVE-2026-29192

ZITADEL is an open source identity management platform. From version 4.0.0 to 4.11.1, a vulnerability in Zitadel's login V2 interface was discovered that allowed a possible account takeover via Default URI Redirect. This issue has been patched in version 4.12.0...

EUVD-2018-5943

Malware in sbrugna...

EUVD-2017-9164

Malware in sbrugna...

EUVD-2008-3492

Malware in sbrugna...

EUVD-2025-12437

Malicious code in bioql PyPI...

CVE-2018-14012

WolfSight CMS 3.2 allows SQL injection via the PATHINFO to the default URI...

CVE-2025-46657

Karaz Karazal through 2025-04-14 allows reflected XSS via the lang parameter to the default URI...

CVE-2025-46657

Karaz Karazal through 2025-04-14 allows reflected XSS via the lang parameter to the default URI...

CVE-2025-46657

Karaz Karazal through 2025-04-14 allows reflected XSS via the lang parameter to the default URI...

SUSE CVE-2008-2783

Multiple cross-site scripting XSS vulnerabilities in Horde Groupware, Groupware Webmail Edition, and Kronolith allow remote attackers to inject arbitrary web script or HTML via the timestamp parameter to 1 week.php, 2 workweek.php, and 3 day.php; and 4 the horde parameter in the PATHINFO to the...

GHSA-RVRJ-J7CC-236P DotNetNuke (DNN) Cross-site scripting (XSS) vulnerability via the __dnnVariable parameter

Cross-site scripting XSS vulnerability in DotNetNuke DNN before 6.2.9 and 7.x before 7.1.1 allows remote attackers to inject arbitrary web script or HTML via the dnnVariable parameter to the default URI...

DotNetNuke (DNN) Cross-site scripting (XSS) vulnerability via the __dnnVariable parameter

Cross-site scripting XSS vulnerability in DotNetNuke DNN before 6.2.9 and 7.x before 7.1.1 allows remote attackers to inject arbitrary web script or HTML via the dnnVariable parameter to the default URI...

Apache Geronimo Application Server multiple cross-site scripting (XSS) vulnerabilities

Multiple cross-site scripting XSS vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 allow remote attackers to inject arbitrary web script or HTML via the 1 name, 2 ip, 3 username, or 4 description parameter to console/portal/Server/Monitorin...

GHSA-C372-X57P-6X7V Apache Geronimo Application Server multiple cross-site scripting (XSS) vulnerabilities

Multiple cross-site scripting XSS vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 allow remote attackers to inject arbitrary web script or HTML via the 1 name, 2 ip, 3 username, or 4 description parameter to console/portal/Server/Monitorin...

PT-2021-23879 · Atmail · Atmail

Name of the Vulnerable Software and Affected Versions: Atmail version 6.5.0 Description: The issue affects the WebAdmin Control Panel, allowing XSS via the format parameter to the default URI. This problem only affects products that are no longer supported by the maintainer. Recommendations: For...

Cross-site Scripting (XSS)

vrana/adminer is vulnerable to cross-site scripting XSS. The vulnerability exists through the history parameter in the default URI...

Cross-Site Scripting (XSS)

Adminer is vulnerable to cross-site scripting. The vulnerability exists via the history parameter to the default URI...

DEBIAN-CVE-2020-35572

Adminer through 4.7.8 allows XSS via the history parameter to the default URI...

CVE-2020-35572

Adminer through 4.7.8 allows XSS via the history parameter to the default URI...