13 matches found

RedhatCVE
added 2026/04/20 7:23 p.m. | 1 views

CVE-2026-4801

The Page Builder Gutenberg Blocks – CoBlocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via external iCal feed data in all versions up to, and including, 3.1.16 due to insufficient output escaping of event titles, descriptions, and locations fetched from external iCal feeds...

CVSS 6.4 | AI score 5.9 | EPSS 0.0002
Exploits 0 | References 1
Positive Technologies
added 2026/04/18 12:0 a.m. | 3 views

PT-2026-33588

Name of the Vulnerable Software and Affected Versions: CoBlocks versions prior to 3.1.17. Description: The Page Builder Gutenberg Blocks – CoBlocks plugin for WordPress contains a Stored Cross-Site Scripting issue. This occurs due to insufficient output escaping of event titles, descriptions, and...

CVSS 6.4 | AI score 6 | EPSS 0.0002
Exploits 0 | References 17
EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2015-8562

Malware in sbrugna...

CVSS 6.1 | AI score 6.2 | EPSS 0.00212
Exploits 2 | References 6
Tenable Nessus
added 2025/09/03 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2022-39276

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features,...

CVSS 5.3 | AI score 7 | EPSS 0.00185
Exploits 1 | References 2
Prion
added 2022/11/03 2:15 p.m. | 20 views

Design/Logic Flaw

GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. Usage of RSS feeds or an external calendar in planning is subject to SSRF exploit. In case a remote...

CVSS 5 | AI score 5.3 | EPSS 0.00185
Exploits 1 | References 2 | Affected Software 1
NVD
added 2022/09/14 6:15 p.m. | 12 views

CVE-2022-36112

GLPI stands for Gestionnaire Libre de Parc Informatique and is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. Usage of RSS feeds or external calendar in planning is subject to SSRF exploit. Server-side requests ca...

CVSS 5.8 | EPSS 0.00178
Exploits 0 | References 2
UbuntuCve
added 2022/09/14 6:15 p.m. | 43 views

CVE-2022-36112

GLPI stands for Gestionnaire Libre de Parc Informatique and is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. Usage of RSS feeds or external calendar in planning is subject to SSRF exploit. Server-side requests ca...

CVSS 5.8 | AI score 6.8 | EPSS 0.00178
Exploits 0 | References 3
CNVD
added 2016/01/21 12:0 a.m. | 1 views

Multiple Cross-Site Scripting Vulnerabilities in Dolibarr ERP/CRM

Dolibarr ERP/CRM is the software that manages your company's business information. Multiple cross-site scripting vulnerabilities in Dolibarr ERP/CRM 3.8.3 and prior versions allow remote attackers to inject arbitrary web script or HTML via the url of an external calendar or the "Import External...

CVSS 6.1 | AI score 6.1 | EPSS 0.00212
Exploits 2 | References 1
NVD
added 2016/01/15 7:59 p.m. | 10 views

CVE-2015-8685

Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ERP/CRM 3.8.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) external calendar url or (2) the bank name field in the "import external calendar" page...

CVSS 6.1 | AI score 6.1 | EPSS 0.00212
Exploits 2 | References 4
UbuntuCve
added 2016/01/15 7:59 p.m. | 22 views

CVE-2015-8685

Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ERP/CRM 3.8.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) external calendar url or (2) the bank name field in the "import external calendar" page...

CVSS 6.1 | AI score 6.4 | EPSS 0.00212
Exploits 2 | References 3
Prion
added 2016/01/15 7:59 p.m. | 17 views

Cross site scripting

Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ERP/CRM 3.8.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) external calendar url or (2) the bank name field in the "import external calendar" page...

CVSS 4.3 | AI score 6 | EPSS 0.00212
Exploits 2 | References 4 | Affected Software 1
Cvelist
added 2016/01/15 7:0 p.m. | 20 views

CVE-2015-8685

Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ERP/CRM 3.8.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) external calendar url or (2) the bank name field in the "import external calendar" page...

AI score 6.1 | EPSS 0.00212
Exploits 2 | References 4
Packet Storm
added 2016/01/13 12:0 a.m. | 33 views

dolibarr HTML Injection

Title: HTML Injection in dolibarr Author: Sergio Galán - @NaxoneZ Date: Dec 24,2015 Vendor Homepage: http://www.dolibarr.es/ Vulnerable version: More Info =======https://github.com/Dolibarr/dolibarr/issues/4291 Fixed =======...

CVSS 4.3 | AI score 0.1 | EPSS 0.00212
Exploits 2