14 matches found
PT-2026-45950
Name of the Vulnerable Software and Affected Versions: backpack/crud versions prior to 5.0.13; backpack/crud versions prior to 4.1.69; backpack/crud versions prior to 4.0.63. Description: Reflected Cross-Site Scripting (XSS) occurs because error views output the exception message without escaping it. An...
CVE-2026-24127
Typemill is a flat-file, Markdown-based CMS designed for informational documentation websites. A reflected Cross-Site Scripting (XSS) exists in the login error view template login.twig of versions 2.19.1 and below. The username value can be echoed back without proper contextual encoding when...
CVE-2026-24127 Typemill has Reflected XSS via login error view template
Typemill is a flat-file, Markdown-based CMS designed for informational documentation websites. A reflected Cross-Site Scripting (XSS) exists in the login error view template login.twig of versions 2.19.1 and below. The username value can be echoed back without proper contextual encoding when...
CVE-2026-24127
CVE-2026-24127 pertains to Typemill, a flat-file CMS. A reflected XSS vulnerability exists in the login error view template login.twig affecting versions 2.19.1 and earlier, where the username value is echoed back without proper contextual encoding during failed authentication. This could allow a...
CVE-2026-24127 Typemill has Reflected XSS via login error view template
Typemill is a flat-file, Markdown-based CMS designed for informational documentation websites. A reflected Cross-Site Scripting (XSS) exists in the login error view template login.twig of versions 2.19.1 and below. The username value can be echoed back without proper contextual encoding when...
CVE-2026-24127
Typemill is a flat-file, Markdown-based CMS designed for informational documentation websites. A reflected Cross-Site Scripting (XSS) exists in the login error view template login.twig of versions 2.19.1 and below. The username value can be echoed back without proper contextual encoding when...
PT-2026-4535
Name of the Vulnerable Software and Affected Versions: Typemill versions 2.19.1 and below. Description: Typemill is a flat-file, Markdown-based CMS for informational documentation websites. A reflected Cross-Site Scripting (XSS) issue exists in the login error view template login.twig. The username...
CVE-2024-36413 SuiteCRM authenticated Reflected Cross-Site Scripting
SuiteCRM is an open-source Customer Relationship Management (CRM) software application. Prior to versions 7.14.4 and 8.6.1, a vulnerability in the import module error view allows for a cross-site scripting attack. Versions 7.14.4 and 8.6.1 contain a fix for this issue...
CVE-2024-36413 SuiteCRM authenticated Reflected Cross-Site Scripting
SuiteCRM is an open-source Customer Relationship Management (CRM) software application. Prior to versions 7.14.4 and 8.6.1, a vulnerability in the import module error view allows for a cross-site scripting attack. Versions 7.14.4 and 8.6.1 contain a fix for this issue...
ZendFramework Potential Cross-site Scripting in Development Environment Error View Script
The default error handling view script generated using Zend_Tool failed to escape request parameters when run in the "development" configuration environment, providing a potential XSS attack vector. Zend_Tool_Project_Context_Zf_ViewScriptFile was patched such that the view script template now calls the...
Potential XSS in Development Environment Error View Script
More info at https://framework.zend.com/security/advisory/ZF2011-01...
Yvora CMS 1.0 (error_view.php ID) Remote SQL Injection Vulnerability
No description provided by source. Yvora CMS v1.0 - Remote SQL Injection Vendor : http://www.yvora.nl/ Found By : k1tk4t - k1tk4t4tnewhack.org Location : Indonesia -- newhackdotorg @irc.dal.net POC; http://www.victim.xxx/error_view.php?ID=SQL Example;...
Yvora CMS 1.0 - error_view.php?ID SQL Injection
Yvora CMS 1.0 - error_view.php?ID SQL Injection Yvora CMS v1.0 - Remote SQL Injection Vendor : http://www.yvora.nl/ Found By : k1tk4t - k1tk4t4tnewhack.org Location : Indonesia -- newhackdotorg @irc.dal.net POC; http://www.victim.xxx/error_view.php?ID=SQL Example;...
Yvora CMS 1.0 (error_view.php ID) Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications. Yvora CMS 1.0 error_view.php ID Remote SQL Injection Vulnerability. Yvora CMS v1.0 - Remote SQL Injecti...