CVE-2021-47957

Cookie Law Bar 1.2.1 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting unsanitized input to the Bar Message field. Attackers can inject script payloads through the plugin settings page that execute in the browsers of...

WordPress plugin Fluent Forms 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

CVE-2026-30077

OpenAirInterface V2.2.0 AMF crashes when it fails to decode the message. Not all decode failures result in a crash. But the crash is consistent for particular inputs. An example input in hex stream is 80 00 00 0E 00 00 01 00 0F 80 02 02 40 00 58 00 01 88...

Command Injection

Overview openakita is a 全能自进化AI Agent - 基于Ralph Wiggum模式，永不放弃 Affected versions of this package are vulnerable to Command Injection via the run function in the Chat API Endpoint component when processing the Message argument. An attacker can execute arbitrary operating system commands by supplyin...

CVE-2021-47716

Orangescrum 1.8.0 contains multiple cross-site scripting vulnerabilities that allow authenticated attackers to inject malicious scripts through various input parameters. Attackers can exploit parameters like 'projid', 'CSmessage', and 'name' to execute arbitrary JavaScript code in victim's browse...

CVE-2021-47716 Orangescrum 1.8.0 Cross-Site Scripting via Authenticated Endpoints

Orangescrum 1.8.0 contains multiple cross-site scripting vulnerabilities that allow authenticated attackers to inject malicious scripts through various input parameters. Attackers can exploit parameters like 'projid', 'CSmessage', and 'name' to execute arbitrary JavaScript code in victim's browse...

PT-2024-33095 · Unknown · Aiml Chatbot

Name of the Vulnerable Software and Affected Versions: AIML Chatbot versions prior to 2.0 Description: The issue is related to Cross Site Scripting XSS, where attackers can inject malicious HTML or JavaScript code through the message input field. The chatbot fails to sanitize these inputs, leadin...

iWifi for Chat v1.1 iOS - Denial of Service Vulnerability

Document Title: =============== iWifi for Chat v1.1 iOS - Denial of Service Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1375 Release Date: ============= 2014-12-16 Vulnerability Laboratory ID VL-ID: ====================================...

iWifi For Chat 1.1 Denial Of Service

Document Title: =============== iWifi for Chat v1.1 iOS - Denial of Service Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1375 Release Date: ============= 2014-12-16 Vulnerability Laboratory ID VL-ID: ====================================...

Dominant Creature BBG/RPG Browser Game Persistent XSS

No description provided by source. =================================================================================== Dominant Creature BBG/RPG browser game XSS vulnerabilities =================================================================================== Exploit Title: Dominant Creature...