336 matches found
WordPress Glossary plugin <= 2.2.38 - Unauthenticated Reflected Cross-Site Scripting vulnerability
Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Glossary versions = 2.2.38...
CVE-2025-52482
Chamilo is a learning management system. Prior to version 1.11.30, a Stored XSS vulnerability exists in the glossary function, enabling all users with the Teachers role to inject JavaScript malicious code against the administrator. This issue has been patched in version 1.11.30...
CVE-2025-52482
Chamilo is a learning management system. Prior to version 1.11.30, a Stored XSS vulnerability exists in the glossary function, enabling all users with the Teachers role to inject JavaScript malicious code against the administrator. This issue has been patched in version 1.11.30...
CVE-2025-52482
CVE-2025-52482 affects Chamilo LMS prior to version 1.11.30, with a stored XSS vulnerability in the glossary function. The issue allows users with the Teachers role to inject JavaScript against the administrator via the glossary/trigger paths (e.g., /main/glossary/index.php and related tracking r...
CVE-2025-52482
Chamilo is a learning management system. Prior to version 1.11.30, a Stored XSS vulnerability exists in the glossary function, enabling all users with the Teachers role to inject JavaScript malicious code against the administrator. This issue has been patched in version 1.11.30...
EUVD-2025-208167
Chamilo is a learning management system. Prior to version 1.11.30, a Stored XSS vulnerability exists in the glossary function, enabling all users with the Teachers role to inject JavaScript malicious code against the administrator. This issue has been patched in version 1.11.30...
CVE-2025-52482 Chamilo: Stored XSS in glossary function via /main/glossary/index.php trigger in /main/tracking/course_log_resources.php
Chamilo is a learning management system. Prior to version 1.11.30, a Stored XSS vulnerability exists in the glossary function, enabling all users with the Teachers role to inject JavaScript malicious code against the administrator. This issue has been patched in version 1.11.30...
CVE-2025-52482 Chamilo: Stored XSS in glossary function via /main/glossary/index.php trigger in /main/tracking/course_log_resources.php
Chamilo is a learning management system. Prior to version 1.11.30, a Stored XSS vulnerability exists in the glossary function, enabling all users with the Teachers role to inject JavaScript malicious code against the administrator. This issue has been patched in version 1.11.30...
CVE-2025-52482 Chamilo: Stored XSS in glossary function via /main/glossary/index.php trigger in /main/tracking/course_log_resources.php
Chamilo is a learning management system. Prior to version 1.11.30, a Stored XSS vulnerability exists in the glossary function, enabling all users with the Teachers role to inject JavaScript malicious code against the administrator. This issue has been patched in version 1.11.30...
PT-2026-22590
Name of the Vulnerable Software and Affected Versions Chamilo versions prior to 1.11.30 Description Chamilo is a learning management system. A Stored Cross-Site Scripting XSS issue exists within the glossary function. Users with the Teachers role can inject JavaScript malicious code, potentially...
CVE-2020-10493
CSRF in admin/edit-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a glossary term, given the id, via a crafted request...
CVE-2020-10481
CSRF in admin/add-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new glossary term via a crafted request...
📄 phpMyFAQ 2.9.8 Cross Site Request Forgery
phpMyFAQ version 2.9.8 suffers from multiple cross site request forgery vulnerabilities. These are proof of concepts from issues stemming back in 2017. Exploit Title: phpMyFAQ 2.9.8 Cross-Site Request Forgery CSRF Date: 2024-10-26 Exploit Author: CodeSecLab Vendor Homepage:...
phpMyFAQ 2.9.8 - Cross-Site Request Forgery (CSRF)
Exploit Title: phpMyFAQ 2.9.8 Cross-Site Request Forgery CSRF Date: 2024-10-26 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/thorsten/phpMyFAQ Software Link: https://github.com/thorsten/phpMyFAQ Version: 2.9.8 Tested on: Ubuntu Windows CVE : CVE-2017-15735 PoC: While still logged...
EUVD-2009-4267
Malware in sbrugna...
EUVD-2021-11590
Malware in sbrugna...
EUVD-2017-17758
Malware in sbrugna...
EUVD-2018-12478
Malware in sbrugna...
EUVD-2016-1076
Malware in sbrugna...
EUVD-2005-1802
Malware in sbrugna...