4 matches found
CVE-2026-30961
Gokapi is a self-hosted file sharing server with automatic expiration and encryption support. Prior to 2.2.4, the chunked upload completion path for file requests does not validate the total file size against the per-request MaxSize limit. An attacker with a public file request link can split an...
EUVD-2025-25143
Malicious code in bioql PyPI...
CVE-2025-54117 NamelessMC allows Stored Cross-Site Scripting (XSS) in dashboard text editor
NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Cross-site scripting XSS vulnerability in NamelessMC before 2.2.3 allows remote authenticated attackers to inject arbitrary web script or HTML via the dashboard text editor component. This vulnerability is fixed ...
CVE-2025-54117 NamelessMC allows Stored Cross-Site Scripting (XSS) in dashboard text editor
NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Cross-site scripting XSS vulnerability in NamelessMC before 2.2.3 allows remote authenticated attackers to inject arbitrary web script or HTML via the dashboard text editor component. This vulnerability is fixed ...