6 matches found
EUVD-2025-29354
Malicious code in bioql PyPI...
CVE-2025-10485
A vulnerability has been found in pojoin h3blog up to 5bf704425ebc11f4c24da51f32f36bb17ae20489. Affected by this issue is the function pptlog of the file /login of the component HTTP Header Handler. Such manipulation of the argument X-Forwarded-For leads to cross site scripting. The attack may be...
CVE-2025-10485
A vulnerability has been found in pojoin h3blog up to 5bf704425ebc11f4c24da51f32f36bb17ae20489. Affected by this issue is the function pptlog of the file /login of the component HTTP Header Handler. Such manipulation of the argument X-Forwarded-For leads to cross site scripting. The attack may be...
CVE-2025-10485
The CVE-2025-10485 entry applies to pojoin h3blog, affecting the HTTP Header Handler’s file/login and the ppt_log function. The issue stems from manipulating the X-Forwarded-For argument, enabling cross-site scripting via remote exploitation. Public exploit information is noted. Affected versions...
PT-2025-37776
Name of the Vulnerable Software and Affected Versions: pojoin h3blog versions prior to 5bf704425ebc11f4c24da51f32f36bb17ae20489 Description: A vulnerability exists due to cross site scripting. Manipulation of the X-Forwarded-For argument in the /login file, specifically within the ppt log functio...
ZZCMS V8.0 SQL Injection Vulnerability in Multiple Parameters
ZZCMS is an enterprise website builder. ZZCMS V8.0 suffers from a SQL injection vulnerability, which allows attackers to exploit the vulnerability to obtain sensitive information from the database. The injection parameters include the following: zs/zs.php file 'pxzs' function;...