EUVD-2021-15672

Malware in sbrugna...

CVE-2025-52552 FastGPT LastRoute Parameter on Login Page Vulnerable to Open Redirect and DOM-based XSS

FastGPT is an AI Agent building platform. Prior to version 4.9.12, the LastRoute Parameter on login page is vulnerable to open redirect and DOM-based XSS. Improper validation and lack of sanitization of this parameter allows attackers execute malicious JavaScript or redirect them to...

CVE-2025-1024

A vulnerability exists in ChurchCRM 5.13.0 that allows an attacker to execute arbitrary JavaScript in a victim's browser via Reflected Cross-Site Scripting XSS in the EditEventAttendees.php page. This requires Administration privileges and affects the EID parameter. The flaw allows an attacker to...

Pi-hole Web Interface < 5.4 Multiple Vulnerabilities

The Pi-hole Web Interface previously AdminLTE is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2020-5267

In ActionView before versions 6.0.2.2 and 5.2.4.2, there is a possible XSS vulnerability in ActionView's JavaScript literal escape helpers. Views that use the j or escapejavascript methods may be susceptible to XSS attacks. The issue is fixed in versions 6.0.2.2 and 5.2.4.2...

Unfixed XSS vulnerability at www.joereiss.net

Security researcher Kn0t, has submitted on 27/04/2011 a cross-site-scripting XSS vulnerability affecting www.joereiss.net, which at the time of submission ranked 2923685 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 11/12/2011. It is currentl...