12 matches found

EUVD
added 2026/03/13 9:31 p.m. | 1 views

EUVD-2025-208653

IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow an attacker to obtain sensitive information from the query string of an HTTP GET method to process a request which could be obtained using man in the middle techniques...

CVSS 3.1 | AI score 5.8 | EPSS 0.00035
Exploits 0 | References 2
NVD
added 2025/11/06 3:15 p.m. | 4 views

CVE-2025-10955

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Netcad Software Inc. Netigma allows XSS Through HTTP Query Strings. This issue affects Netigma: from 6.3.5 before 6.3.5 V8...

CVSS 6.1 | EPSS 0.00026
Exploits 0 | References 1
Positive Technologies
added 2025/11/06 12:0 a.m. | 1 views

PT-2025-45183

Name of the Vulnerable Software and Affected Versions Netigma versions 6.3.5 through 28102025 Description Netigma software contains a flaw related to improper neutralization of input during web page generation, potentially leading to Cross-site Scripting XSS. This issue arises from vulnerabilitie...

CVSS 6.1 | AI score 6.3 | EPSS 0.00026
Exploits 0 | References 5
EUVD
added 2025/10/03 8:7 p.m. | 1 views

EUVD-2025-10903

Malicious code in bioql PyPI...

CVSS 8.7 | AI score 6.5 | EPSS 0.00319
Exploits 0 | References 5
RedhatCVE
added 2025/05/23 8:15 a.m. | 2 views

CVE-2024-9147

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Bna Informatics PosPratik allows XSS Through HTTP Query Strings. This issue affects PosPratik: before v3.2.1...

CVSS 6.9 | AI score 5.8 | EPSS 0.00246
Exploits 0 | References 1
RedhatCVE
added 2025/04/16 4:4 p.m. | 4 views

CVE-2025-22373

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in SicommNet BASEC on SaaS allows Reflected XSS, XSS Through HTTP Query Strings, Rendering of Arbitrary HTML and alternation of CSS Styles This issue affects BASEC: from 14 Dec 2021...

CVSS 8.7 | AI score 6 | EPSS 0.00319
Exploits 0 | References 5
NVD
added 2024/11/04 1:17 p.m. | 16 views

CVE-2024-9147

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Bna Informatics PosPratik allows XSS Through HTTP Query Strings. This issue affects PosPratik: before v3.2.1...

CVSS 6.9 | EPSS 0.00246
Exploits 0 | References 2
CVE
added 2024/11/04 12:37 p.m. | 54 views

CVE-2024-9147

Summary: CVE-2024-9147 concerns a Basic XSS in Bna Informatics PosPratik prior to v3.2.1 due to improper neutralization of script-related HTML tags in HTTP query strings. Affected product/version: PosPratik pre-3.2.1. Root cause: insufficient sanitization of user-supplied input in query strings l...

CVSS 6.9 | AI score 5.8 | EPSS 0.00246
Exploits 0 | References 2 | Affected Software 1
Cvelist
added 2024/11/04 12:37 p.m. | 15 views

CVE-2024-9147 HTML Injection in Bna Informatics' PosPratik

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Bna Informatics PosPratik allows XSS Through HTTP Query Strings. This issue affects PosPratik: before v3.2.1...

CVSS 6.9 | EPSS 0.00246
Exploits 0 | References 2
Vulnrichment
added 2024/11/04 12:37 p.m. | 10 views

CVE-2024-9147 HTML Injection in Bna Informatics' PosPratik

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Bna Informatics PosPratik allows XSS Through HTTP Query Strings. This issue affects PosPratik: before v3.2.1...

CVSS 6.9 | AI score 5.8 | EPSS 0.00246
Exploits 0 | References 2
Check Point Advisories
added 2011/12/20 12:0 a.m. | 2 views

Microsoft Forefront UAG Default Reflected Cross-site Scripting (MS11-079; CVE-2011-1897)

A cross-site scripting vulnerability has been reported in Microsoft Forefront Unified Access Gateway UAG server. The vulnerability is due to an error in the way the UAG server handles incoming HTTP query strings. A remote attacker could exploit this issue by enticing a user to open a URL containi...

CVSS 4.3 | AI score 5.6 | EPSS 0.13362
Exploits 0
securityvulns
added 2009/07/16 12:0 a.m. | 121 views

[oCERT-2009-010] mimeTeX and mathTeX buffer overflows and command injection

2009-010 mimeTeX and mathTeX buffer overflows and command injection Description: The mimeTeX and mathTeX CGIs are widely used helper executables that allow mathematical equation rendering in the form of images. Both applications suffer from several buffer overflows as well as command injection...

CVSS 10 | AI score 0.5 | EPSS 0.11169
Exploits 1