CVE-2025-63238

A Reflected Cross-Site Scripting XSS affects LimeSurvey versions prior to 6.15.11+250909, due to the lack of validation of gid parameter in getInstance function in application/models/QuestionCreate.php. This allows an attacker to craft a malicious URL and compromise the logged in user...

SourceCodester Pet Grooming Management Software SQL注入漏洞

SourceCodester Pet Grooming Management Software is an open source pet grooming management system from SourceCodester. SourceCodester Pet Grooming Management Software version 1.0 suffers from a SQL injection vulnerability that stems from incorrect manipulation of the parameter groupid in the file...

CVE-2024-11167

Affected software/version : danny-avila/librechat

PT-2024-20904 · Fuel Cms · Fuel Cms

Name of the Vulnerable Software and Affected Versions: FUEL CMS version 1.5.2 Description: A reflected Cross-Site Scripting XSS issue allows attackers to run arbitrary code via a crafted string after the group id parameter. Recommendations: For FUEL CMS version 1.5.2, consider restricting access ...

Centreon 安全漏洞

Centreon Merethis Centreon is a set of open source system monitoring tools from the French company Centreon . The product provides monitoring capabilities for network, system and application resources. A security vulnerability exists in Centreon, which is caused by unknown code in the...