EUVD-2010-0496

Malware in sbrugna...

CVE-2025-30362 WeGIA vulnerable to Stored XSS in documentos_funcionario.php parameter id

WeGIA is a Web manager for charitable institutions. A stored Cross-Site Scripting XSS vulnerability was identified in versions prior to 3.2.8. This vulnerability allows unauthorized scripts to be executed within the user's browser context. Stored XSS is particularly critical, as the malicious cod...

CVE-2024-11954

A vulnerability classified as problematic was found in Pimcore 11.4.2. Affected by this vulnerability is an unknown functionality of the component Search Document. The manipulation leads to basic cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the publ...

CVE-2019-14349

EspoCRM version 5.6.4 is vulnerable to stored XSS due to lack of filtration of user-supplied data in the api/v1/Document functionality for storing documents in the account tab. An attacker can upload a crafted file that contains JavaScript code in its name. This code will be executed when a user...

CVE-2019-14349

EspoCRM version 5.6.4 is vulnerable to stored XSS due to lack of filtration of user-supplied data in the api/v1/Document functionality for storing documents in the account tab. An attacker can upload a crafted file that contains JavaScript code in its name. This code will be executed when a user...

CVE-2019-14349

CVE-2019-14349 affects EspoCRM 5.6.4. The vulnerability is a stored XSS in the api/v1/Document functionality used for storing documents in the account tab, caused by lack of filtration of user-supplied data. An attacker can upload a crafted file whose name contains JavaScript, and the code execut...

CVE-2010-0465

Cross-site scripting XSS vulnerability in the online Documents functionality in SugarCRM 5.2.x before 5.2.0l and 5.5.x before 5.5.0a allows remote authenticated users to inject arbitrary web script or HTML via the Document Name field...