EUVD-2025-2929

Malicious code in bioql PyPI...

CVE-2025-22703

Cross-Site Request Forgery CSRF vulnerability in manuelvicedo Forge – Front-End Page Builder forge allows Stored XSS.This issue affects Forge – Front-End Page Builder: from n/a through = 1.4.6...

CVE-2025-22703 WordPress Forge – Front-End Page Builder plugin <= 1.4.6 - CSRF to Stored Cross Site Scripting (XSS) vulnerability

Cross-Site Request Forgery CSRF vulnerability in manuelvicedo Forge – Front-End Page Builder forge allows Stored XSS.This issue affects Forge – Front-End Page Builder: from n/a through = 1.4.6...

CVE-2024-37218 WordPress Page Builder Sandwich <= 5.1.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in WordPress Page Builder Sandwich Team Page Builder Sandwich – Front-End Page Builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Page Builder Sandwich – Front-End Page Builder: from n/a through 5.1.0...

PT-2024-27386 · Unknown · Page Builder Sandwich

Name of the Vulnerable Software and Affected Versions: Page Builder Sandwich – Front-End Page Builder versions through 5.1.0 Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations:...

CVE-2024-37219 WordPress Page Builder Sandwich plugin <= 5.1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in PBN Hosting SL Page Builder Sandwich – Front-End Page Builder allows Stored XSS.This issue affects Page Builder Sandwich – Front-End Page Builder: from n/a through 5.1.0...

CVE-2024-37219 WordPress Page Builder Sandwich plugin <= 5.1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in PBN Hosting SL Page Builder Sandwich – Front-End Page Builder allows Stored XSS.This issue affects Page Builder Sandwich – Front-End Page Builder: from n/a through 5.1.0...

CVE-2024-37219

CVE-2024-37219 refers to a stored XSS in Page Builder Sandwich – Front-End Page Builder for WordPress, affecting versions n/a through 5.1.0. Root cause: improper neutralization of input during web page generation. Impact stated as Stored XSS; exploitation details are not provided in the sources. ...

WordPress Page Builder Sandwich – Front-End Page Builder Plugin <= 5.1.0 is vulnerable to Broken Access Control

Software Page Builder Sandwich – Front-End Page Builder Type Plugin Vulnerable versions = 5.1.0 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1285 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID bc89ef57da60...

Logic flaw vulnerability in LiveGBS of Anhui Green Persimmon Information Technology Co., Ltd (CNVD-2023-72138)

LiveGBS is a national standard GB28181 streaming media service software , can provide to provide user management and Web visualization page management , open source front-end page source code ; to provide device status management , you can real-time view of whether the device is offline and other...

SQL Injection Vulnerability in Shield Spirit Commodity Promotion System Frontend he***.php Page

Shield Spirit commodity promotion system can be applied to multiple types of public number, personal or business subscription number and service number can be used, easy to docking all kinds of public number, through the WeChat public number of the relevant interfaces configured to come into effe...

SQL injection vulnerability in Shield Spirit Commodity Promotion System front-end ad***_de***.php page

Shield Spirit commodity promotion system can be applied to multiple types of public number, personal or business subscription number and service number can be used, easy to docking all kinds of public number, through the WeChat public number of the relevant interfaces configured to come into effe...

SQL injection vulnerability in the front-end ad***_mo***_se***.php page of Shield Spirit Commodity Promotion System

Shield Spirit commodity promotion system can be applied to multiple types of public number, personal or business subscription number and service number can be used, easy to docking all kinds of public number, through the WeChat public number of the relevant interfaces configured to come into effe...

CVE-2020-14063

A stored Cross-Site Scripting XSS vulnerability in the TC Custom JavaScript plugin before 1.2.2 for WordPress allows unauthenticated remote attackers to inject arbitrary JavaScript via the tccj-content parameter. This is displayed in the page footer of every front-end page and executed in the...

SQL injection vulnerability in the front-end me***.cl***.php page of UQCMS cloud business system

UQCMS cloud business system is programmed with PHP + MYSQL, the template uses smarty templates, the front and back end is separated from a B2B2C e-commerce software. SQL injection vulnerability exists in the front-end me.cl.php page of UQCMS Cloud Business System. An attacker can exploit the...

74cms 4.2.26 SQL Injection Vulnerability in Frontend Aj***.php Page

Knight Talent System 74cms is a PHP + MYSQL based on the core development of a set of free + open source professional recruitment system. 74cms 4.2.26 SQL injection vulnerability exists in the frontend Aj.php page. An attacker can exploit the vulnerability to obtain sensitive information from the...

SQL injection vulnerability in the front-end am***.php page of S-CMS school website builder system

S-CMS school station building system is Zibo Shining Network Technology Co., Ltd. developed a specialized enterprise station building solutions for the product. There is a SQL injection vulnerability in the front-end am.php page of S-CMS School Building System. Attackers can use the vulnerability...

SQL Injection Vulnerability in Super CMS Frontend lo***.php Page

Super CMS by the SEO Research Center in order to solve the problem of website optimization and research and development of a set of products, using an object-oriented approach to independent research and development of the MVC framework development, is an open source content management system...

SQL Injection Vulnerability in Bidding System Bid Frontend sl***.aspx Page

Qixing Bidding System Bid is a system suitable for enterprises to collect information on bidding information of government procurement, engineering construction, land grant, etc., and to track the progress of works and payment of successful projects. A SQL injection vulnerability exists in the...

SQL Injection Vulnerability in Bidding System Bid Frontend ge***.aspx Page

Qixing Bidding System Bid is a system suitable for enterprises to collect information on bidding information of government procurement, engineering construction, land grant, etc., and to track the progress of works and payment of successful projects. A SQL injection vulnerability exists in the...