EUVD-2025-34193

An Improper Neutralization of Formula Elements in a CSV File vulnerability exists in System Diagnostics Manager SDM of B&R Automation Runtime versions before 6.4 enabling a remote attacker to inject formula data into a generated CSV file. The exploitation of this vulnerability requires the attack...

EUVD-2020-20857

Malware in sbrugna...

PT-2023-12184 · Countly · Countly

Name of the Vulnerable Software and Affected Versions: Countly versions prior to 21.11 Description: The issue allows for cross-site scripting. To exploit this, the victim must follow a malicious link or be redirected from a malicious website. The attacker needs to have an account or be able to...

The vulnerability in the implementation of the util.printf() function allows attackers to execute arbitrary code in PDF viewer and editor applications like Adobe Reader and Adobe Acrobat.

The vulnerability of the util.printf function in PDF viewing and editing applications like Adobe Reader and Adobe Acrobat arises from the execution of operations outside of the buffer in memory, due to improper parameter checking. Exploiting this vulnerability allows a malicious actor to execute...

Cross site scripting

A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected...

CVE-2017-17322

Huawei Honor Smart Scale Application with software of 1.1.1 has an information disclosure vulnerability. The application does not sufficiently restrict the resource which can be accessed by certain protocol. An attacker could trick the user to click a malicious link, successful exploit could caus...

PHPKIT 1.6 - Multiple Input Validation Vulnerabilities

source: https://www.securityfocus.com/bid/11725/info It is reported that PHPKIT is susceptible to cross-site scripting and SQL injection vulnerabilities. The cross-site scripting issue is present in a parameter of the 'popup.php' script. An attacker can exploit this issue by creating a malicious...

Microsoft Windows XP - Help and Support Center Interface Spoofing

source: https://www.securityfocus.com/bid/9685/info A weakness has been alleged in Microsoft Windows XP that could reportedly allow aspects of the Help and Support Center interface to be spoofed via a malicious link. By spoofing this interface, an attacker could potentially present misleading or...

osCommerce 2.2 - osCsid Cross-Site Scripting

osCommerce 2.2 - osCsid Cross-Site Scripting source: https://www.securityfocus.com/bid/9238/info It has been reported that osCommerce may be prone to a cross-site scripting vulnerability that may allow an attacker to construct a malicious link containing HTML or script code that may be rendered i...

pMachine 1.02.x - Search Module Cross-Site Scripting

pMachine 1.02.x - Search Module Cross-Site Scripting source: https://www.securityfocus.com/bid/7981/info Reportedly, pMachine is vulnerable to a cross-site scripting attack. The vulnerability is present in the search module. The issue presents itself likely due to insufficient sanitization...

PHP 4.x - Transparent Session ID Cross-Site Scripting

source: https://www.securityfocus.com/bid/7761/info A cross-site scripting vulnerability has been discovered in PHP. The problem occurs due to insufficient sanitization of the PHPSESSID URI parameter. An attacker may be capable of exploiting this vulnerability by constructing a malicious link...