16 matches found
Allok Video Converter security vulnerability
Allok Video Converter is a video encoding tool developed by Allok Corporation. Version 4.6.1217 of Allok Video Converter contains a security vulnerability. This vulnerability stems from a stack buffer overflow in the License Name input field, which may allow for the execution of arbitrary code...
Cinspiration RDP Manager security vulnerabilities
Cinspiration RDP Manager is a remote desktop management tool developed by the German company Cinspiration. Version 4.9.9.3 of Cinspiration RDP Manager contains a security vulnerability, which stems from the connection input field. This vulnerability could allow local attackers to cause the...
PT-2025-41271
Name of the Vulnerable Software and Affected Versions: Sourcecodester Link Status Checker version 1.0 Description: The application is susceptible to a Cross-Site Scripting (XSS) issue in the 'Enter URLs to check' input field. This allows a remote attacker to execute arbitrary code. The vulnerable...
EUVD-2025-33162
Sourcecodester Link Status Checker 1.0 is vulnerable to Cross-Site Scripting (XSS) in the 'Enter URLs to check' input field. This allows a remote attacker to execute arbitrary code...
EUVD-2018-10644
Malware in sbrugna...
EUVD-2022-25000
Malicious code in bioql PyPI...
CVE-2024-48396
AIML Chatbot 1.0 (fixed in 2.0) is vulnerable to Cross Site Scripting (XSS). The vulnerability is exploited through the message input field, where attackers can inject malicious HTML or JavaScript code. The chatbot fails to sanitize these inputs, leading to the execution of malicious scripts...
CVE-2022-1718
The trudesk application allows large characters to insert in the input field "Full Name" on the signup field which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request in GitHub repository polonel/trudesk prior to 1.2.2. This can lead to Denial of service...
CVE-2022-36323
Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell...
HortusFox cross-site scripting vulnerability
HortusFox is a free and open source self-hosted plant manager system from HortusFox, Inc. A cross-site scripting vulnerability exists in HortusFox version 3.9 that stems from a name input field that does not sanitize or escape user input, allowing an attacker to inject and execute arbitrary...
PT-2024-33095 · Unknown · Aiml Chatbot
Name of the Vulnerable Software and Affected Versions: AIML Chatbot versions prior to 2.0 Description: The issue is related to Cross Site Scripting (XSS), where attackers can inject malicious HTML or JavaScript code through the message input field. The chatbot fails to sanitize these inputs, leadin...
Team Members < 5.2.1 - Editor+ Stored XSS
The plugin does not sanitize and escape some of its settings, which could allow high-privilege users such as editors to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example, in a multisite setup). 1. Go to the "Teams" section » add a new te...
PT-2022-23618 · Synel · Eharmony
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue allows an attacker to insert HTML or JavaScript code into a specific input field. To access the vulnerable input, an attacker would navigate t...
CVE-2021-33557
An XSS issue was discovered in manage_custom_field_edit_page.php in MantisBT before 2.25.2. Unescaped output of the return parameter allows an attacker to inject code into a hidden input field...
CVE-2020-29021 Scripting tag chars < > not filtered in input fields could cause Cross-Site Scripting (XSS)
A vulnerability in the web UI input field of GateManager allows an authenticated attacker to enter script tags that could cause XSS. This issue affects: GateManager all versions prior to 9.3...
CVE-2019-9567
The "Forminator Contact Form, Poll & Quiz Builder" plugin before 1.6 for WordPress has XSS via a custom input field of a poll...