CVE-2025-70336

A Stored cross-site scripting XSS vulnerability in 'Create New Live Item' in PodcastGenerator 3.2.9 allows remote attackers to inject arbitrary script or HTML via the 'TITLE', 'SHORT DESCRIPTION' and 'LONG DESCRIPTION' parameters. The saved payload gets executed on 'View All Live Items' and 'Live...

PT-2026-5134

Name of the Vulnerable Software and Affected Versions PodcastGenerator version 3.2.9 Description A stored cross-site scripting XSS issue exists in the 'Create New Live Item' functionality. This allows remote attackers to inject arbitrary script or HTML through the 'TITLE', 'SHORT DESCRIPTION', an...

EUVD-2025-206501

A Stored cross-site scripting XSS vulnerability in 'Create New Live Item' in PodcastGenerator 3.2.9 allows remote attackers to inject arbitrary script or HTML via the 'TITLE', 'SHORT DESCRIPTION' and 'LONG DESCRIPTION' parameters. The saved payload gets executed on 'View All Live Items' and 'Live...

CVE-2024-41551

CampCodes Supplier Management System v1.0 is vulnerable to SQL injection via SupplyManagementSystem/admin/vieworderitems.php?id=...

CVE-2024-22119 Stored XSS in graph items select form

The cause of vulnerability is improper validation of form input field “Name” on Graph page in Items section...

DEBIAN-CVE-2022-24918

An authenticated user can create a link with reflected Javascript code inside it for items’ page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict. Malicious code has access to all th...

PT-2022-6479 · Zabbix +2 · Zabbix +2

Name of the Vulnerable Software and Affected Versions: Zabbix affected versions not specified Description: The issue is related to the lack of protection of the web page structure in Zabbix. An authenticated user can create a link with reflected Javascript code for the items' page and send it to...