5 matches found
EUVD-2025-26073
Malicious code in bioql PyPI...
CVE-2025-54544
QuickCMS is vulnerable to Stored XSS via the aDirFilesDescriptions parameter in the files editor functionality. A malicious attacker with admin privileges can inject arbitrary HTML and JS into the website, which will be rendered/executed when visiting the edited page. By default, the admin user is not able to add...
CVE-2025-54544 Stored XSS in QuickCMS
QuickCMS is vulnerable to Stored XSS via the aDirFilesDescriptions parameter in the files editor functionality. A malicious attacker with admin privileges can inject arbitrary HTML and JS into the website, which will be rendered/executed when visiting the edited page. By default, the admin user is not able to add...
PT-2025-34986
Name of the Vulnerable Software and Affected Versions: QuickCMS version 6.8. Description: QuickCMS is susceptible to a Stored Cross-Site Scripting (XSS) issue through the aDirFilesDescriptions parameter within the files editor functionality. An attacker with administrative privileges can inject...
LocalFilesEditor data forgery vulnerability
LocalFilesEditor is a software application. Photobooth software for the web, built by an active community of users and developers. A security vulnerability exists in the LocalFilesEditor extension prior to version 11.4.0.1, which stems from a file parameter not being validated by proper regular...