EUVD-2016-10798

Nagios Log Server versions prior to 1.4.2 are vulnerable to cross-site scripting XSS in the Dashboards section when rendering log entries in the Logs table. Untrusted log content was not safely encoded for the output context, allowing attacker-controlled data present in logs to execute script in...

CVE-2016-15049 Nagios Log Server < 1.4.2 Dashboards Logs Table XSS

Nagios Log Server versions prior to 1.4.2 are vulnerable to cross-site scripting XSS in the Dashboards section when rendering log entries in the Logs table. Untrusted log content was not safely encoded for the output context, allowing attacker-controlled data present in logs to execute script in...

CVE-2016-15049

Nagios Log Server is affected by an XSS vulnerability in the Dashboards section, specifically when rendering log entries in the Logs table. Affected products are Nagios Log Server versions prior to 1.4.2; untrusted log content was not safely encoded for the output context, allowing attacker-contr...

PT-2025-44537

Nagios Log Server versions prior to 1.4.2 are vulnerable to cross-site scripting XSS in the Dashboards section when rendering log entries in the Logs table. Untrusted log content was not safely encoded for the output context, allowing attacker-controlled data present in logs to execute script in...

EUVD-2025-27853

Malicious code in bioql PyPI...

EUVD-2025-29721

Malicious code in bioql PyPI...

BIT-JENKINS-2025-59476

Jenkins 2.527 and earlier, LTS 2.516.2 and earlier does not restrict or transform the characters that can be inserted from user-specified content in log messages, allowing attackers able to control log message contents to insert line break characters, followed by forged log messages that may...

CVE-2025-36631

In Tenable Agent versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could overwrite arbitrary local system files with log content at SYSTEM privilege...

Exploit for Classic Buffer Overflow in Free5Gc

CVE-2025-29632 the information for the vulnerability covered b...

CVE-2023-0157

The All-In-One Security AIOS WordPress plugin before 5.1.5 does not escape the content of log files before outputting it to the plugin admin page, allowing an authorized user admin+ to plant bogus log files containing malicious JavaScript code that will be executed in the context of any...

Kitchen-Terraform 日志信息泄露漏洞

Kitchen-Terraform is a Test Kitchen plugin for testing Terraform configurations. A log information disclosure vulnerability exists in Kitchen-Terraform versions prior to v7.0.0. An attacker can exploit this vulnerability to gain access to log content...

CVE-2023-0157

The All-In-One Security AIOS WordPress plugin before 5.1.5 does not escape the content of log files before outputting it to the plugin admin page, allowing an authorized user admin+ to plant bogus log files containing malicious JavaScript code that will be executed in the context of any...

WordPress plugin Media Library Assistant 日志信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...