21 matches found
EUVD-2025-206895
The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Post Grid component in all versions up to, and including, 5.5.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access...
WordPress plugin Bold Page Builder cross-site scripting vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
EUVD-2021-0858
Malware in sbrugna...
CVE-2019-25028
Missing variable sanitization in Grid component in com.vaadin:vaadin-server versions 7.4.0 through 7.7.19 (Vaadin 7.4.0 through 7.7.19), and 8.0.0 through 8.8.4 (Vaadin 8.0.0 through 8.8.4) allows attacker to inject malicious JavaScript via unspecified vector...
Design/Logic Flaw
Missing variable sanitization in Grid component in com.vaadin:vaadin-server versions 7.4.0 through 7.7.19 (Vaadin 7.4.0 through 7.7.19), and 8.0.0 through 8.8.4 (Vaadin 8.0.0 through 8.8.4) allows attacker to inject malicious JavaScript via unspecified vector...
CVE-2019-25028
CVE-2019-25028 describes a stored cross-site scripting (XSS) vulnerability in Vaadin's Grid component (com.vaadin:vaadin-server). Affected are Vaadin Server versions 7.4.0–7.7.19 and 8.0.0–8.8.4. An attacker could inject malicious JavaScript via an unspecified vector, with potential impact includ...
Cross-site Scripting (XSS)
vaadin-server is vulnerable to cross-site scripting (XSS). A remote attacker is able to inject and execute arbitrary JavaScript in a user's browser via a variable in the Grid component...
Stored cross-site scripting in Grid component in Vaadin 7 and 8
Missing variable sanitization in Grid component in com.vaadin:vaadin-server versions 7.4.0 through 7.7.19 (Vaadin 7.4.0 through 7.7.19), and 8.0.0 through 8.8.4 (Vaadin 8.0.0 through 8.8.4) allows attacker to inject malicious JavaScript via unspecified vector. See CWE-80: Improper Neutralization of...
Cross-Site Scripting (XSS)
sylius is vulnerable to cross-site scripting (XSS). A remote attacker is able to inject arbitrary JavaScript into a victim's browser via multiple parameters in the grid component due to a lack of input and output sanitization while rendering an object that implements the toString method through the...
RHEL 6 : MRG (RHSA-2012:0099)
Updated Grid component packages that fix multiple security issues, multiple bugs, and add various enhancements are now available for Red Hat Enterprise MRG 2 for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common...
RHEL 5 : MRG (RHSA-2013:0564)
Updated Grid component packages that fix one security issue, multiple bugs, and add various enhancements are now available for Red Hat Enterprise MRG 2.3 for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability...
RHEL 5 : MRG (RHSA-2013:1851)
An updated Grid component package that fixes multiple security issues is now available for Red Hat Enterprise MRG 2.4 for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores,...
RHEL 6 : Red Hat Enterprise MRG Grid 2.3 (RHSA-2013:0565)
The remote Red Hat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2013:0565 advisory. Red Hat Enterprise MRG (Messaging, Realtime, and Grid) is a next-generation IT infrastructure for enterprise computing. MRG offers increased performanc...
RHEL 6 : MRG (RHSA-2013:1294)
Updated Grid component packages that fix one security issue, multiple bugs, and add various enhancements are now available for Red Hat Enterprise MRG 2.4 for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common...
Low: Red Hat Security Advisory: Red Hat Enterprise MRG Grid 2.3 security update
Updated Grid component packages that fix one security issue, multiple bugs, and add various enhancements are now available for Red Hat Enterprise MRG 2.3 for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability...
Low: Red Hat Security Advisory: Red Hat Enterprise MRG Grid 2.3 security update
Updated Grid component packages that fix one security issue, multiple bugs, and add various enhancements are now available for Red Hat Enterprise MRG 2.3 for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability...
Moderate: Red Hat Security Advisory: MRG Grid security, bug fix, and enhancement update
Updated Grid component packages that fix multiple security issues, multiple bugs, and add various enhancements are now available for Red Hat Enterprise MRG 2 for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common...
Joomla Component Jgrid 1.0 Local File Inclusion Vulnerability
No description provided by source. Jgrid 1.0 Joomla Component Local File Inclusion Vulnerability Name Jgrid Vendor http://datagrids.clubsareus.org Versions Affected 1.0 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date...
CVE-2019-12186: XSS injection in the Grid component
More info at https://sylius.com/blog/cve-2019-12186/...
CVE-2019-12186: XSS injection in the Grid component
More info at https://sylius.com/blog/cve-2019-12186/...