95 matches found
CVE-2025-23411
mySCADA myPRO Manager is vulnerable to cross-site request forgery CSRF, which could allow an attacker to obtain sensitive information. An attacker would need to trick the victim in to visiting an attacker-controlled website...
EUVD-2013-1841
Malware in sbrugna...
EUVD-2022-52053
Malicious code in bioql PyPI...
EUVD-2022-45423
Malicious code in bioql PyPI...
EUVD-2021-27880
Malicious code in bioql PyPI...
EUVD-2024-35984
Malicious code in bioql PyPI...
EUVD-2023-52553
Malicious code in bioql PyPI...
EUVD-2024-35944
Malicious code in bioql PyPI...
EUVD-2024-40031
Malicious code in bioql PyPI...
CVE-2025-8783
The Contact Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title’ parameter in all versions up to, and including, 8.6.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level...
CVE-2025-46936
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...
CVE-2025-47053 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)
Adobe Experience Manager versions 6.5.22 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. A low privileged attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser. Exploitation ...
CVE-2025-47012
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...
CVE-2025-46918
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...
CVE-2025-47060
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...
CVE-2025-46910
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...
CVE-2025-46917 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...
CVE-2025-46954
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability in vulnerable form fields that could allow a low-privileged attacker to inject malicious JavaScript executed in a victim’s browser. The available connected documents identify the...
CVE-2025-47091
CVE-2025-47091 affects Adobe Experience Manager versions 6.5.22 and earlier, with a stored XSS flaw in vulnerable form fields. A low-privileged attacker can inject malicious scripts, which may execute in a victim’s browser when they load the page containing the vulnerable field. The CVSS vector i...
CVE-2025-46882
CVE-2025-46882 affects Adobe Experience Manager up to version 6.5.22. The vulnerability is a stored Cross-Site Scripting (XSS) in vulnerable form fields, exploitable by a low-privileged attacker to inject malicious JavaScript that executes in a victim’s browser when visiting the affected page. Pu...