CVE-2025-41750 Reflected XSS vulnerability in pxc_PortCfg.php

An XSS vulnerability in pxcPortCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management WBM. The vulnerability does not provide access to system-level...

CVE-2025-42886

Due to a Reflected Cross-Site Scripting XSS vulnerability in SAP Business Connector, an unauthenticated attacker could generate a malicious link and make it publicly accessible. If an authenticated victim accesses this link, the injected input is processed during web page generation, resulting in...

EUVD-2025-24202

Malicious code in bioql PyPI...

PT-2024-10104 · Glpi +1 · Glpi +1

Name of the Vulnerable Software and Affected Versions: GLPI versions prior to 10.0.17 Description: The issue is related to a reflected XSS vulnerability in GLPI, a free asset and IT management software package. An unauthenticated user can provide a malicious link to a GLPI technician to exploit...

DEBIAN-CVE-2023-29455

Reflected XSS attacks, also known as non-persistent attacks, occur when a malicious script is reflected off a web application to the victim's browser. The script is activated through a link, which sends a request to a website with a vulnerability that enables execution of malicious scripts...

CVE-2018-1484

IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be...

EasyAdmin view method suffers from SQL injection vulnerability

EasyAdmin is a free and open source community program based on the LayUI template, with a ThinkPHP5 framework for backend support. EasyAdmin view method exists SQL injection vulnerability. Attackers can construct a specific URL injection to obtain the database password...