PT-2025-51954

Name of the Vulnerable Software and Affected Versions Zenphoto version 1.6 Description The software contains a stored cross-site scripting issue in the user postal code field. This field is accessible through the 'admin-users.php' interface. When administrators view user information that includes...

Microsoft Excel 2016 1901 Import Error XML Injection

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-EXCEL-2016-v1901-IMPORT-ERROR-EXTERNAL-ENTITY-INJECTION.txt + ISR: ApparitionSec Vendor www.microsoft.com Product Excel 2016 v1901 Microsoft Excel is a spreadsheet...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities 1 in the WYSIWYG editors, 2 during local group creation, 3 during HTML redirects, 4 in the HTML import, 5 in the Rich text editor, and 6 in link-page in IBM Lotus Quickr 8.1 services for Lotus Domino before Hotfix 15 allow remote attackers to inje...

CVE-2008-3860

Multiple cross-site scripting XSS vulnerabilities 1 in the WYSIWYG editors, 2 during local group creation, 3 during HTML redirects, 4 in the HTML import, 5 in the Rich text editor, and 6 in link-page in IBM Lotus Quickr 8.1 services for Lotus Domino before Hotfix 15 allow remote attackers to inje...