43 matches found
CVE-2026-40305
DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Starting in version 6.0.0 and prior to version 10.2.2, in the friends feature, a user could craft a request that would force the acceptance of a friend request on another user. Version 10.2.2...
EUVD-2018-3524
Malware in sbrugna...
EUVD-2025-10058
Malicious code in bioql PyPI...
CVE-2023-51254
Cross Site Scripting vulnerability in Jfinalcms v.5.0.0 allows a remote attacker to execute arbitrary code via a crafted script to the friendship link component...
CVE-2018-11493
An issue was discovered in WUZHI CMS 4.1.0. There is a CSRF vulnerability that can add a friendship link via index.php?m=link=index=add...
CVE-2025-3386
A vulnerability was found in LinZhaoguan pb-cms 2.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /adminlinks of the component Friendship Link Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The...
CVE-2025-3386
A vulnerability was found in LinZhaoguan pb-cms 2.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /adminlinks of the component Friendship Link Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The...
CVE-2025-3386
CVE-2025-3386 affects LinZhaoguan pb-cms 2.0, specifically the Friendship Link Handler’s /admin#links function. The vulnerability is a cross-site scripting issue described as potentially exploitable remotely, with the exploit disclosed publicly. Multiple sources corroborate the issue, including R...
CVE-2025-3386 LinZhaoguan pb-cms Friendship Link admin#links cross site scripting
A vulnerability was found in LinZhaoguan pb-cms 2.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /adminlinks of the component Friendship Link Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The...
CVE-2025-3386 LinZhaoguan pb-cms Friendship Link admin#links cross site scripting
A vulnerability was found in LinZhaoguan pb-cms 2.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /adminlinks of the component Friendship Link Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The...
pb-cms 代码注入漏洞
pb-cms waterfall content management system is a content management system developed by LinZhaoguan. A code injection vulnerability exists in pb-cms version 2.0, which is caused by cross-site scripting in Friendship Link Handler...
Cross Site Scripting (XSS)
Jfinalcms is vulnerable to Cross Site Scripting XSS. The vulnerability is due to improper input validation in the friendship link component, allowing a remote attacker to execute arbitrary code through a crafted script...
CVE-2023-51254
Cross Site Scripting vulnerability in Jfinalcms v.5.0.0 allows a remote attacker to execute arbitrary code via a crafted script to the friendship link component...
CVE-2023-51254
Cross Site Scripting vulnerability in Jfinalcms v.5.0.0 allows a remote attacker to execute arbitrary code via a crafted script to the friendship link component...
CVE-2023-51254
Cross Site Scripting vulnerability in Jfinalcms v.5.0.0 allows a remote attacker to execute arbitrary code via a crafted script to the friendship link component...
CVE-2023-51254
Cross Site Scripting vulnerability in Jfinalcms v.5.0.0 allows a remote attacker to execute arbitrary code via a crafted script to the friendship link component...
PT-2024-14079 · Jfinalcms · Jfinalcms
Name of the Vulnerable Software and Affected Versions: Jfinalcms version 5.0.0 Description: A Cross Site Scripting issue allows a remote attacker to execute arbitrary code via a crafted script to the friendship link component. This enables the attacker to perform unauthorized actions on the...
CVE-2023-51254
Cross Site Scripting vulnerability in Jfinalcms v.5.0.0 allows a remote attacker to execute arbitrary code via a crafted script to the friendship link component...
Online safety tips for LGBTQIA+ communities
The internet is great for bringing people together, helping you feel part of a community, and staying in touch with your nearest and dearest. But it can also be a nasty place - from malware to scammers, to people just being plain awful to others. It's probably not surprising to read that recent...
MAL-2023-604 Malicious code in mlp-friendship-map-mapping (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c76abb07078c4e50437fae33f4f845fad2aa8532a9503d2c5ea91f4bf6f9a5bb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...