25 matches found

RedhatCVE
added 2026/05/12 2:27 a.m. | 3 views

CVE-2026-40038

Pachno 1.0.6 contains a stored cross-site scripting vulnerability that allows attackers to execute arbitrary HTML and script code by injecting malicious payloads into POST parameters. Attackers can inject scripts through the value, commentbody, articlecontent, description, and message parameters...

CVSS 7.2 | AI score 6 | EPSS 0.00037
Exploits: 1 | References: 1

ATTACKERKB
added 2026/03/15 1:35 p.m. | 1 view

CVE-2016-20032

ZKTeco ZKAccess Security System 5.3.1 contains a stored cross-site scripting vulnerability that allows attackers to execute arbitrary HTML and script code by injecting malicious payloads through the 'holidayname' and 'memo' POST parameters. Attackers can submit crafted requests with script code i...

CVSS 7.2 | AI score 6 | EPSS 0.00016
Exploits: 1 | References: 5 | Affected Software: 1

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2014-3445

Malware in sbrugna...

CVSS 4.3 | AI score 6.4 | EPSS 0.00449
Exploits: 0 | References: 4

EUVD
added 2025/10/03 8:07 p.m. | 3 views

EUVD-2025-21704

Malicious code in bioql PyPI...

CVSS 5.3 | AI score 6.3 | EPSS 0.00537
Exploits: 0 | References: 9

Vulnrichment
added 2022/10/26 12:00 a.m. | 3 views

CVE-2022-39348 Twisted vulnerable to NameVirtualHost Host header injection

Twisted is an event-based framework for internet applications. Started with version 0.9.4, when the host header does not match a configured host twisted.web.vhost.NameVirtualHost will return a NoResource resource which renders the Host header unescaped into the 404 response allowing HTML and scri...

CVSS 5.4 | AI score 7.1 | EPSS 0.01199
Exploits: 1 | References: 5

NVD
added 2020/09/24 3:15 p.m. | 13 views

CVE-2020-12817

An improper neutralization of input vulnerability in FortiAnalyzer before 6.4.1 and 6.2.5 may allow a remote authenticated attacker to inject script related HTML tags via Name parameter of Storage Connectors...

CVSS 8.8 | EPSS 0.00435
Exploits: 0 | References: 1

CVE
added 2020/04/29 2:14 a.m. | 180 views

CVE-2020-3955

CVE-2020-3955 affects VMware ESXi 6.5 and 6.7 via a stored XSS in the ESXi Host Client when viewing virtual machine attributes. The underlying issue is improper neutralization of script-related HTML, allowing an authenticated attacker who can modify VM properties (e.g., hostname) to inject script...

CVSS 9.3 | AI score 9.1 | EPSS 0.01041
Exploits: 0 | References: 1 | Affected Software: 1

OSV
added 2018/06/04 7:29 p.m. | 8 views

CVE-2017-16043

Shout is an IRC client. Because the /topic command in messages is unescaped, attackers have the ability to inject HTML scripts that will run in the victim's browser. Affects shout =0.44.0 =0.49.3...

CVSS 6.1 | AI score 6.5
Exploits: 0 | References: 2

NVD
added 2018/06/04 7:29 p.m. | 8 views

CVE-2017-16043

Shout is an IRC client. Because the /topic command in messages is unescaped, attackers have the ability to inject HTML scripts that will run in the victim's browser. Affects shout =0.44.0 =0.49.3...

CVSS 6.1 | AI score 6.3 | EPSS 0.00259
Exploits: 0 | References: 2

Prion
added 2018/06/04 7:29 p.m. | 8 views

Command injection

Shout is an IRC client. Because the /topic command in messages is unescaped, attackers have the ability to inject HTML scripts that will run in the victim's browser. Affects shout =0.44.0 =0.49.3...

CVSS 4.3 | AI score 6.2 | EPSS 0.00259
Exploits: 0 | References: 2 | Affected Software: 1

Cvelist
added 2018/06/04 7:00 p.m. | 13 views

CVE-2017-16043

Shout is an IRC client. Because the /topic command in messages is unescaped, attackers have the ability to inject HTML scripts that will run in the victim's browser. Affects shout =0.44.0 =0.49.3...

AI score 6.2 | EPSS 0.00259
Exploits: 0 | References: 2

CNVD
added 2017/11/06 12:00 a.m. | 1 view

Catalyst Mahara Stored Cross-Site Scripting Vulnerability

Catalyst Mahara is a social networking system from Catalyst IT in New Zealand. The system includes a blog, resume builder, file manager, and more. A stored cross-site scripting vulnerability exists in Catalyst Mahara versions 1.9 before 1.9.6, 1.10 before 1.10.4, and 15.04 before 15.04.1. A remot...

CVSS 4.8 | AI score 6 | EPSS 0.00219
Exploits: 1 | References: 1

Packet Storm
added 2016/11/22 12:00 a.m. | 26 views

WonderCMS 0.9.8 Cross Site Scripting

============================================= MGC ALERT 2016-006 - Original release date: Nov 16, 2016 - Last revised: Nov 21, 2016 - Discovered by: Manuel Garcia Cardenas - Severity: 4,8/10 CVSS Base Score ============================================= I. VULNERABILITY -------------------------...

AI score 7.4
Exploits: 0

Packet Storm
added 2016/02/26 12:00 a.m. | 44 views

Infor CRM 8.2.0.1136 Cross Site Scripting

Infor CRM 8.2.0.1136 Multiple HTML Script Injection Vulnerabilities Vendor: Infor Product web page: http://www.infor.com Affected version: 8.2.0.1136 Summary: Infor® CRM, formerly Saleslogix, is an award-winning customer relationship management CRM solution that provides a complete view of...

Exploits: 0

0day.today
added 2016/02/26 12:00 a.m. | 44 views

Infor CRM 8.2.0.1136 - Multiple HTML Script Injection Vulnerabilities

Exploit for multiple platform in category web applications Infor CRM 8.2.0.1136 Multiple HTML Script Injection Vulnerabilities Vendor: Infor Product web page: http://www.infor.com Affected version: 8.2.0.1136 Summary: Infor® CRM, formerly Saleslogix, is an award-winning customer relationship...

AI score 7.1
Exploits: 0

Exploit DB
added 2016/02/26 12:00 a.m. | 54 views

Infor CRM 8.2.0.1136 - Multiple HTML Script Injection Vulnerabilities

Infor CRM 8.2.0.1136 Multiple HTML Script Injection Vulnerabilities Vendor: Infor Product web page: http://www.infor.com Affected version: 8.2.0.1136 Summary: Infor® CRM, formerly Saleslogix, is an award-winning customer relationship management CRM solution that provides a complete view of...

AI score 7.4
Exploits: 0

exploitpack
added 2016/02/26 12:00 a.m. | 44 views

Infor CRM 8.2.0.1136 - Multiple HTML Script Injection Vulnerabilities

Infor CRM 8.2.0.1136 - Multiple HTML Script Injection Vulnerabilities Infor CRM 8.2.0.1136 Multiple HTML Script Injection Vulnerabilities Vendor: Infor Product web page: http://www.infor.com Affected version: 8.2.0.1136 Summary: Infor® CRM, formerly Saleslogix, is an award-winning customer...

AI score 0.4
Exploits: 0

Zero Science Lab
added 2016/02/26 12:00 a.m. | 61 views

Infor CRM 8.2.0.1136 Multiple HTML Script Injection Vulnerabilities

Summary Infor® CRM, formerly Saleslogix, is an award-winning customer relationship management CRM solution that provides a complete view of customer interactions, so your business can collaborate and respond promptly and knowledgably to customer inquiries, sales opportunities, and service request...

AI score 6
Exploits: 0

Exploit DB
added 2015/12/01 12:00 a.m. | 40 views

Belkin N150 Wireless Router F9K1009 v1 - Multiple Vulnerabilities

Full Disclosure: Exploit Title : Belkin N150 Wireless Home Router Multiple Vulnerabilities Exploit Author : Rahul Pratap Singh Date : 30/Nov/2015 Home Page Link : http://www.belkin.com Blog Url : 0x62626262.wordpress.com Linkedin : https://in.linkedin.com/in/rahulpratapsingh94 Status : Not Patche...

AI score 7.4
Exploits: 0

exploitpack
added 2015/12/01 12:00 a.m. | 20 views

Belkin N150 Wireless Router F9K1009 v1 - Multiple Vulnerabilities

Belkin N150 Wireless Router F9K1009 v1 - Multiple Vulnerabilities Full Disclosure: Exploit Title : Belkin N150 Wireless Home Router Multiple Vulnerabilities Exploit Author : Rahul Pratap Singh Date : 30/Nov/2015 Home Page Link : http://www.belkin.com Blog Url : 0x62626262.wordpress.com Linkedin :...

AI score 0.5
Exploits: 0