17 matches found
CVE-2025-28243
An issue in Alteryx Server v.2023.1.1.460 allows HTML injection via a crafted script to the pages component...
CVE-2025-27686
Dell Unisphere for PowerMax, versions prior to 10.2.0.9 and PowerMax versions prior to PowerMax 9.2.4.15, contain an Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this...
CVE-2025-23112
An issue was discovered in REDCap 14.9.6. A stored cross-site scripting (XSS) vulnerability allows authenticated users to inject malicious scripts into the Survey field name of Survey. When a user receives the survey and clicks on the field name, it triggers the XSS payload...
Google Chrome Bug Opens Access to Private Facebook Information
A browser bug in Google Chrome has been discovered that lets bad actors uncover private data stored on Facebook, Google sites and other platforms, by using video and audio HTML tags, and the filtering functions in websites. The bug in question exists in the Blink engine, which is used to power...
Microsoft SharePoint Foundation Privilege Elevation Vulnerability (3000431)
This host is missing an important security update according to Microsoft Bulletin MS14-073. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE...
miniBB keyword_replacer <= 1.0 (pathToFiles) File Include Vulnerability
No description provided by source. miniBB keyword_replacer <= 1.0 (pathToFiles) Remote File Include Vulnerability. Discovered By Kw3RLn Romanian...
Google Books MHTML protocol injection XSS vulnerability - vulnerability warning - the black bar safety net
Brief description: Google Books search has an output flaw that lets script code injected through the MHTML protocol run, resulting in an XSS vulnerability. Not original; forwarded from the white hat group system32 total. Detailed description: Proof of vulnerability: mhtml:http://www. google. com/books?...
MySQL Commander <= 2.7 (home) Remote File Inclusion Vulnerability
No description provided by source. ECHOADV73$2007 MySQL Commander <= 2.7 (home) Remote File Inclusion...
CVE-2007-0106
Cross-site scripting (XSS) vulnerability in the CSRF protection scheme in WordPress before 2.0.6 allows remote attackers to inject arbitrary web script or HTML via a CSRF attack with an invalid token and quote characters or HTML tags in URL variable names, which are not properly handled when...
Specimen Image Database (client.php) Remote File Include Vulnerability
No description provided by source. SID - dir Remote File Include Vulnerability. Discovered By Kw3RLn Romanian Security Team : hTTp://RST-CREW.net ...
CampSite 2.6.1 - g_documentRoot Remote File Inclusion
CampSite 2.6.1 - g_documentRoot Remote File Inclusion. CampSite - BugReporter = 2.6.1 Remote File Include Vulnerability. Discovered By Kw3RLn Romani...
NuralStorm Webmail <= 0.98b (process.php) Remote Include Vulnerability
Exploit for unknown platform in category web applications. NuralStorm Webmail <= 0.98b (process.php) Remote Include Vulnerability...
MiniBB keyword_replacer 1.0 - 'pathToFiles' File Inclusion
miniBB keyword_replacer = 1.0 pathToFiles Remote File Include Vulnerability. Discovered By Kw3RLn Romanian Security Team : hTTp://RST-CREW.net :...
phpBB Shadow Premod <= 2.7.1 Remote File Include Vulnerability
Exploit for unknown platform in category web applications. phpBB Shadow Premod <= 2.7.1 Remote File Include Vulnerability...
ZH2003-14SA (security advisory): aspBoard XSS Vulnerability
ZH2003-14SA security advisory: aspBoard XSS Vulnerability. Published: 5 August 2003. Released: 5 August 2003. Name: aspBoard. Affected Systems: 1.2. Issue: Remote attackers can inject XSS script. Author: [email protected] Vendor: http://www.freezingcold.com Description: Zone-h Security Team has...
phpLinks < 2.1.2 - Multiple Vulnerabilities
phpLinks Multiple Vulnerabilities Vendor: destiney.com Product: phpLinks Version: = 2.1.2 Website: http://phplinks.sourceforge.net/ BID: 6632 6633 Description: phpLinks is an open source free PHP script. phpLinks allows you to run a very powerful link farm or search engine. phpLinks has multileve...
[img]-vulnerability in vBulletin Version 2.2.2 & 2.2.1 & maybe olders
Hi, I've discovered a vulnerability in vBulletin's img-tag implementation that allows users to inject vbs-code in posts and private messages; img is switched on by default. Through that, an attacker is able to steal other users' cookies and maybe hijack their accounts. The following code sends...