CVE-2026-6996

A weakness has been identified in BDCOM P3310D 0.4.2 10.1.0F Build 86345. This affects an unknown function of the component rmon event Tab. Executing a manipulation of the argument Description can lead to cross site scripting. The attack may be launched remotely. The exploit has been made availab...

CVE-2026-7110

A flaw has been found in code-projects Invoice System in Laravel 1.0. Affected is an unknown function of the file /item. Executing a manipulation of the argument item name/description can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been published an...

CVE-2026-6996 BDCOM P3310D rmon event Tab cross site scripting

A weakness has been identified in BDCOM P3310D 0.4.2 10.1.0F Build 86345. This affects an unknown function of the component rmon event Tab. Executing a manipulation of the argument Description can lead to cross site scripting. The attack may be launched remotely. The exploit has been made availab...

PT-2026-35170

A weakness has been identified in BDCOM P3310D 0.4.2 10.1.0F Build 86345. This affects an unknown function of the component rmon event Tab. Executing a manipulation of the argument Description can lead to cross site scripting. The attack may be launched remotely. The exploit has been made availab...

EUVD-2026-16805

A security vulnerability has been detected in code-projects Online Reviewer System up to 1.0. Affected is an unknown function of the file /system/system/students/assessments/databank/btnfunctions.php. Such manipulation of the argument Description leads to cross site scripting. The attack may be...

PT-2026-28697

Name of the Vulnerable Software and Affected Versions code-projects Online Reviewer System version 1.0 Description A security issue exists in code-projects Online Reviewer System version 1.0. Manipulation of the Description argument in an unknown function within the file...

EUVD-2026-3219

A flaw has been found in SourceCodester E-Learning System 1.0. This impacts an unknown function of the file /admin/modules/lesson/index.php of the component Lesson Module Handler. Executing a manipulation of the argument Title/Description can lead to basic cross site scripting. The attack can be...

CVE-2025-11283 Frappe LMS Course cross site scripting

A vulnerability was determined in Frappe LMS 2.35.0. This affects an unknown function of the component Course Handler. Executing manipulation of the argument Description can lead to cross site scripting. The attack can be executed remotely. The exploit has been publicly disclosed and may be...

EUVD-2025-28855

Malicious code in bioql PyPI...

EUVD-2025-26301

Malicious code in bioql PyPI...

EUVD-2025-26204

Malicious code in bioql PyPI...

CVE-2025-10388

A vulnerability was identified in Selleo Mentingo 2025.08.27. This issue affects some unknown processing of the file /api/course/enroll-course of the component Create New Course Basic Settings. Such manipulation of the argument Description leads to cross site scripting. The attack can be launched...

CVE-2025-10388

The CVE-2025-10388 vulnerability concerns Selleo Mentingo version 2025.08.27. Affected component: Create New Course Basic Settings, specifically the /api/course/enroll-course endpoint. Root cause: manipulation of the Description argument leading to cross-site scripting (XSS). The issue can be exp...

CVE-2025-5010

A vulnerability classified as problematic has been found in moonlightL hexo-boot 4.3.0. This affects an unknown part of the file /admin/home/index.html of the component Blog Backend. The manipulation of the argument Description leads to cross site scripting. It is possible to initiate the attack...

CVE-2025-3254

A vulnerability was found in xujiangfei admintwo 1.0. It has been classified as critical. Affected is an unknown function of the file /resource/add. The manipulation of the argument description leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has bee...

CVE-2025-1615

A vulnerability classified as problematic was found in FiberHome AN5506-01A ONU GPON RP2511. Affected by this vulnerability is an unknown functionality of the component NAT Submenu. The manipulation of the argument Description leads to cross site scripting. The attack can be launched remotely. Th...

PT-2024-17925 · Unknown · Phpgurukul Land Record System

Name of the Vulnerable Software and Affected Versions: PHPGurukul Land Record System version 1.0 Description: A problem has been found in the code of the file /admin/contactus.php. The manipulation of the Page Description argument leads to cross-site scripting. The attack can be initiated remotel...

CVE-2024-1028

A vulnerability has been found in SourceCodester Facebook News Feed Like 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Post Handler. The manipulation of the argument Description with the input HACKED leads to cross site scripting. T...

CVE-2023-7123 SourceCodester Medicine Tracking System sql injection

A vulnerability, which was classified as critical, has been found in SourceCodester Medicine Tracking System 1.0. This issue affects some unknown processing of the file /classes/Master.php? f=savemedicine. The manipulation of the argument id/name/description leads to sql injection. The attack may...

CVE-2023-7056 code-projects Faculty Management System subjects.php cross site scripting

A vulnerability classified as problematic was found in code-projects Faculty Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/pages/subjects.php. The manipulation of the argument Description/Units leads to cross site scripting. The attack can be...