50 matches found
Exploit for CVE-2025-67435
CVE-2025-67435 Researcher : Chowdhury Faizal Ahammed...
CVE-2025-64049
A stored cross-site scripting XSS vulnerability in the module management component in REDAXO CMS 5.20.0 allows remote users to inject arbitrary web script or HTML via the Output code field in modules. The payload is executed when a user views or edits an article by adding slice that uses the...
GHSA-VQC7-7FJ4-3FM3 REDAXO CMS is vulnerable to XSS through its module management component
A stored cross-site scripting XSS vulnerability in the module management component in REDAXO CMS 5.20.0 allows remote users to inject arbitrary web script or HTML via the Output code field in modules. The payload is executed when a user views or edits an article by adding slice that uses the...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Output code field in the module management component. An attacker can execute arbitrary web scripts or HTML in the context of another user by injecting malicious payloads that are triggered when a user...
REDAXO CMS is vulnerable to XSS through its module management component
A stored cross-site scripting XSS vulnerability in the module management component in REDAXO CMS 5.20.0 allows remote users to inject arbitrary web script or HTML via the Output code field in modules. The payload is executed when a user views or edits an article by adding slice that uses the...
CVE-2025-64049
A stored cross-site scripting XSS vulnerability in the module management component in REDAXO CMS 5.20.0 allows remote users to inject arbitrary web script or HTML via the Output code field in modules. The payload is executed when a user views or edits an article by adding slice that uses the...
CVE-2025-64049
A stored cross-site scripting XSS vulnerability in the module management component in REDAXO CMS 5.20.0 allows remote users to inject arbitrary web script or HTML via the Output code field in modules. The payload is executed when a user views or edits an article by adding slice that uses the...
CVE-2025-64049
A stored cross-site scripting XSS vulnerability in the module management component in REDAXO CMS 5.20.0 allows remote users to inject arbitrary web script or HTML via the Output code field in modules. The payload is executed when a user views or edits an article by adding slice that uses the...
PT-2025-48037
Name of the Vulnerable Software and Affected Versions REDAXO CMS version 5.20.0 Description A stored cross-site scripting XSS issue exists in the module management component of REDAXO CMS. A remote user can inject arbitrary web script or HTML through the Output code field within modules. This...
CVE-2025-64049
A stored cross-site scripting XSS vulnerability in the module management component in REDAXO CMS 5.20.0 allows remote users to inject arbitrary web script or HTML via the Output code field in modules. The payload is executed when a user views or edits an article by adding slice that uses the...
CVE-2025-64049
CVE-2025-64049 describes a stored XSS in REDAXO CMS 5.20.0, specifically in the module management component. The vulnerability allows remote attackers to inject arbitrary web script or HTML via the Output code field in modules; the payload executes when a user views or edits an article that inclu...
REDAXO 安全漏洞
REDAXO is a content management system from REDAXO open source. A security vulnerability exists in REDAXO version 5.20.0, which stems from improper handling of the Output code field in the module management component and could lead to a stored cross-site scripting attack...
EUVD-2019-7007
Malware in sbrugna...
EUVD-2014-9503
Malware in sbrugna...
EUVD-2014-9504
Malware in sbrugna...
EUVD-2020-16075
Malware in sbrugna...
EUVD-2018-3598
Malware in sbrugna...
EUVD-2025-9588
Malicious code in bioql PyPI...
CVE-2025-38056 ASoC: SOF: Intel: hda: Fix UAF when reloading module
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: Fix UAF when reloading module hdagenericmachineselect appends -idisp to the tplg filename by allocating a new string with devmkasprintf, then stores the string right back into the global variable...
CVE-2023-53140 scsi: core: Remove the /proc/scsi/${proc_name} directory earlier
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Remove the /proc/scsi/$procname directory earlier Remove the /proc/scsi/$procname directory earlier to fix a race condition between unloading and reloading kernel modules. This fixes a bug introduced in 2009 by commit...