CVE-2025-14228

A weakness has been identified in Yealink SIP-T21P E2 52.84.0.15. Impacted is an unknown function of the component Local Directory Page. This manipulation causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be...

CVE-2025-14228

A weakness has been identified in Yealink SIP-T21P E2 52.84.0.15. Impacted is an unknown function of the component Local Directory Page. This manipulation causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be...

CVE-2025-14228 Yealink SIP-T21P E2 Local Directory cross site scripting

A weakness has been identified in Yealink SIP-T21P E2 52.84.0.15. Impacted is an unknown function of the component Local Directory Page. This manipulation causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be...

EUVD-2025-201706

A weakness has been identified in Yealink SIP-T21P E2 52.84.0.15. Impacted is an unknown function of the component Local Directory Page. This manipulation causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be...

PT-2025-49545

A weakness has been identified in Yealink SIP-T21P E2 52.84.0.15. Impacted is an unknown function of the component Local Directory Page. This manipulation causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be...

EUVD-2021-22600

Malware in sbrugna...

CVE-2022-31383

Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in view-directory.php...

Path traversal

The directory page parameter of the Orca HCM digital learning platform does not filter special characters. Remote attackers can access the system directory thru Path Traversal without logging in...

CVE-2021-35967

The CVE-2021-35967 entry describes a Path Traversal vulnerability in the Orca HCM digital learning platform. The issue arises because the directory page parameter does not filter special characters, allowing remote attackers to access the system directory without authentication. The vulnerability...

Business Directory Plugin < 5.11.2 - Authenticated Stored Cross-Site Scripting

The plugin suffered from lack of sanitisation in the label of the Form Fields, leading to Authenticated Stored Cross-Site Scripting issues across various pages of the plugin. Log on as an admin, create or edit a Form Field wp-admin/admin.php?page=wpbdpadminformfields and set the Field Label input...

Cross-site Scripting (XSS)

min-http-server is vulnerable to cross-site scripting XSS. The attack is due to lack of sanitization of filenames before rendering as HTML in listing directory page...

bangor.ac.uk XSS vulnerability

Vulnerable URL: http://www.bangor.ac.uk/corporate/directory/index.php.en Details: Description| Value ---|--- Patched:| Yes, at 23.11.2015 Latest check for patch:| 23.11.2015 18:58 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 89024 Google Pagerank| 7 VIP websi...

WordPress church_admin Plugin 0.800 Stored XSS Vulnerability

Exploit for php platform in category web applications Exploit Title: Wordpress churchadmin Stored XSS Date: 21-04-2015 Exploit Author: woodspeed Vendor Homepage: https://wordpress.org/plugins/church-admin/ Version: 0.800 OSVDB ID : http://www.osvdb.org/show/osvdb/121304 WPVULNDB ID :...

WordPress Plugin church_admin 0.800 - Persistent Cross-Site Scripting

WordPress Plugin churchadmin 0.800 - Persistent Cross-Site Scripting Exploit Title: Wordpress churchadmin Stored XSS Date: 21-04-2015 Exploit Author: woodspeed Vendor Homepage: https://wordpress.org/plugins/church-admin/ Version: 0.800 OSVDB ID : http://www.osvdb.org/show/osvdb/121304 WPVULNDB ID...

ZoomStats &lt;= 1.0.2 &#40;mysql.php&#41; Remote File Include Vulnerability

ToXiC BuG FounD by Drago84 Application Affect:ZoomStats Source Code: http://prdownloads.sourceforge.net/zoomstats/ZoomStats-v1.0.2.zip?usemirror=kent Problem: $GLOBALS'lib''db''path' array not declare Solution : $GLOBALS'lib''db''path' Page Vulnerable : mysql.php Dir Page: /libs/dbmax/ Exempe Of...

Перезапись файлов Sambar Server &#40;data corruption&#41;

Обратный путь в директориях в счетчике страниц позволяет повредить любой файл...