CVE-2026-1857

The Gutenberg Blocks with AI by Kadence WP plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.6.1. This is due to insufficient validation of the endpoint parameter in the getitems function of the GetResponse REST API handler. The endpoint's...

CVE-2025-13079

The Popup Builder – Create highly converting, mobile friendly marketing popups. plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 4.4.2. This is due to the plugin generating predictable unsubscribe tokens using deterministic data. This makes it...

Nextcloud Mail 跨站脚本漏洞

Nextcloud Mail is an email from Nextcloud Germany. A cross-site scripting vulnerability exists in versions of Nextcloud Mail prior to 5.5.3, which stems from the presence of stored HTML injection in mailing lists, which could lead to HTML injection attacks...

EUVD-2019-16756

Malware in sbrugna...

EUVD-2021-0197

Malware in sbrugna...

EUVD-2023-43665

Malicious code in bioql PyPI...

CVE-2025-9143

A security flaw has been discovered in Scada-LTS 2.7.8.1. This affects an unknown part of the file mailinglists.shtm. The manipulation of the argument name/userList/address results in cross site scripting. It is possible to launch the attack remotely. The exploit has been released to the public a...

CVE-2025-9143

A security flaw has been discovered in Scada-LTS 2.7.8.1. This affects an unknown part of the file mailinglists.shtm. The manipulation of the argument name/userList/address results in cross site scripting. It is possible to launch the attack remotely. The exploit has been released to the public a...

CVE-2025-9143 Scada-LTS mailing_lists.shtm cross site scripting

A security flaw has been discovered in Scada-LTS 2.7.8.1. This affects an unknown part of the file mailinglists.shtm. The manipulation of the argument name/userList/address results in cross site scripting. It is possible to launch the attack remotely. The exploit has been released to the public a...

CVE-2025-9143 Scada-LTS mailing_lists.shtm cross site scripting

A security flaw has been discovered in Scada-LTS 2.7.8.1. This affects an unknown part of the file mailinglists.shtm. The manipulation of the argument name/userList/address results in cross site scripting. It is possible to launch the attack remotely. The exploit has been released to the public a...

Scada-LTS 代码注入漏洞

Scada-LTS is an open source, web-based, multi-platform solution from Scada-LTS Open Source. A code injection vulnerability exists in Scada-LTS version 2.7.8.1, which stems from a cross-site scripting attack due to incorrect manipulation of the parameters name/userList/address in the file...

PT-2025-33741 · Scada-Lts · Scada-Lts

Name of the Vulnerable Software and Affected Versions: Scada-LTS version 2.7.8.1 Description: A security flaw exists in Scada-LTS 2.7.8.1 related to the mailing lists.shtm file. Manipulation of the name/userList/address argument can lead to cross-site scripting. This issue is potentially...

[SECURITY] Fedora 40 Update: sympa-6.2.74-1.fc40

Sympa is scalable and highly customizable mailing list manager. It can cope with big lists 200,000 subscribers and comes with a complete user and admin Web interface. It is internationalized, and supports the us, fr, de, es, it, fi, and chinese locales. A scripting language allows you to extend t...

CVE-2023-39972

Improper Access Control vulnerability in AcyMailing Enterprise component for Joomla. It allows unauthorized users to create new mailing lists...

CVE-2023-39972

Improper Access Control vulnerability in AcyMailing Enterprise component for Joomla. It allows unauthorized users to create new mailing lists...

Improper access control

Improper Access Control vulnerability in AcyMailing Enterprise component for Joomla. It allows unauthorized users to create new mailing lists...

CVE-2023-39972 Extension - acymailing.com - Improper Access Control in AcyMailing Enterprise component for Joomla 6.7.0-8.6.3

Improper Access Control vulnerability in AcyMailing Enterprise component for Joomla. It allows unauthorized users to create new mailing lists...

CVE-2023-39972

CVE-2023-39972 affects the AcyMailing Enterprise component for Joomla. The issue is an Improper Access Control that allows unauthorized users to create new mailing lists. Root cause: insufficient access control enforcement in the component. Initial sources list CVSSv3.1 base score 4.3 (Medium) wi...

CVE-2023-39972 Extension - acymailing.com - Improper Access Control in AcyMailing Enterprise component for Joomla 6.7.0-8.6.3

Improper Access Control vulnerability in AcyMailing Enterprise component for Joomla. It allows unauthorized users to create new mailing lists...

AcyMailing Joomla Component 访问控制错误漏洞

AcyMailing Joomla Component is an email marketing component used in the Joomla content management system. An Access Control Error vulnerability exists in AcyMailing Joomla Component, which stems from the presence of incorrect access control that allows unauthorized users to create new mailing lis...