EUVD-2025-31081

Malicious code in bioql PyPI...

CVE-2025-10940

A vulnerability was found in Total.js CMS 1.0.0. Affected by this vulnerability is the function layoutssave of the file /admin/ of the component Layout Page. Performing manipulation of the argument HTML results in cross site scripting. It is possible to initiate the attack remotely. The exploit h...

CVE-2025-10940

A vulnerability was found in Total.js CMS 1.0.0. Affected by this vulnerability is the function layoutssave of the file /admin/ of the component Layout Page. Performing manipulation of the argument HTML results in cross site scripting. It is possible to initiate the attack remotely. The exploit h...

PT-2025-39359

Name of the Vulnerable Software and Affected Versions Total.js CMS version 1.0.0 Description A cross site scripting issue exists in Total.js CMS version 1.0.0. The issue is located in the layouts save function within the /admin/ file of the Layout Page component. Manipulation of the HTML argument...

Liferay Portal和Liferay DXP 安全漏洞

Liferay Portal and Liferay DXP are both products of Liferay Inc.Liferay Portal is a J2EE-based portal solution. The solution uses technologies such as EJB as well as JMS, and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP...

Foxit Reader XFA Layout object page method remote code execution vulnerability

Foxit Reader is China's Foxit Foxit Software Corporation, a PDF document reader. A remote code execution vulnerability exists in the page method of the XFA Layout object in Foxit Reader version 8.3.1.21155, which results from the program failing to properly validate user-submitted data. A remote...

CVE-2013-4888

Cross-site scripting XSS vulnerability in index.php in Digital Signage Xibo 1.4.2 allows remote attackers to inject arbitrary web script or HTML via the layout parameter in the layout page...