54699 matches found
CVE-2026-2934
A security vulnerability has been detected in YiFang CMS up to 2.0.5. This impacts the function update of the file app/db/admin/DfriendLinkGroup.php of the component Extended Management Module. The manipulation of the argument Name leads to cross site scripting. It is possible to initiate the...
CVE-2026-2972
A vulnerability was determined in a466350665 Smart-SSO up to 2.1.1. This affects the function Save of the file smart-sso-server/src/main/java/openjoe/smart/sso/server/controller/admin/UserController.java of the component Role Edit Page. Executing a manipulation can lead to cross site scripting. T...
CVE-2026-2965 07FLYCMS/07FLY-CMS/07FlyCRM System Extension edit.html cross site scripting
A security flaw has been discovered in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 1.2.9. The affected element is an unknown function of the file /admin/SysModule/edit.html of the component System Extension Module. Performing a manipulation of the argument Title results in cross site scripting. The...
CVE-2026-2965
A security flaw has been discovered in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 1.2.9. The affected element is an unknown function of the file /admin/SysModule/edit.html of the component System Extension Module. Performing a manipulation of the argument Title results in cross site scripting. The...
PT-2026-21571
Name of the Vulnerable Software and Affected Versions xingfuggz BaykeShop versions up to 1.3.20 Description A security issue exists in xingfuggz BaykeShop, specifically within the Article Sidebar Module. Manipulation of the sidebar.content argument in the file...
BaykeShop 代码注入漏洞
BaykeShop is an e-commerce system developed by xingfuggz’s individual developers. Versions of BaykeShop prior to 1.3.20 have a code injection vulnerability. This vulnerability stems from improper handling of the parameter sidebar.content in the file...
PT-2026-21489
A security flaw has been discovered in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 1.2.9. The affected element is an unknown function of the file /admin/SysModule/edit.html of the component System Extension Module. Performing a manipulation of the argument Title results in cross site scripting. The...
Datapizza AI 代码问题漏洞
Datapizza AI is an open-source development framework for intelligent agents by Datapizza. Version 0.0.2 of Datapizza AI contains code vulnerabilities. These vulnerabilities stem from incorrect operations on the function RedisCache in the file datapizza-ai-cache/redis/datapizza/cache/redis/cache.p...
CVE-2026-2588 Crypt::NaCl::Sodium versions through 2.001 for Perl has an integer overflow flaw on 32-bit systems
Crypt::NaCl::Sodium versions through 2.001 for Perl has an integer overflow flaw on 32-bit systems. Sodium.xs casts a STRLEN sizet to unsigned long long when passing a length pointer to libsodium functions. On 32-bit systems sizet is typically 32-bits while an unsigned long long is at least 64-bi...
CVE-2026-2588
Crypt::NaCl::Sodium for Perl has an integer overflow in 32‑bit environments, affecting versions up to 2.001. The Sodium.xs code casts a STRLEN (size_t) to unsigned long long when passing a length pointer to libsodium, creating an overflow risk where 32‑bit size_t is 32‑bit but unsigned long long ...
CVE-2026-2939
A vulnerability was found in itsourcecode Student Management System 1.0. The impacted element is an unknown function of the file /addstudent/ of the component Add Student Module. The manipulation results in cross site scripting. It is possible to launch the attack remotely. The exploit has been...
CVE-2026-2939
A vulnerability was found in itsourcecode Student Management System 1.0. The impacted element is an unknown function of the file /addstudent/ of the component Add Student Module. The manipulation results in cross site scripting. It is possible to launch the attack remotely. The exploit has been...
CVE-2026-2939
A vulnerability was found in itsourcecode Student Management System 1.0. The impacted element is an unknown function of the file /addstudent/ of the component Add Student Module. The manipulation results in cross site scripting. It is possible to launch the attack remotely. The exploit has been...
CVE-2026-2939 itsourcecode Student Management System Add Student add_student cross site scripting
A vulnerability was found in itsourcecode Student Management System 1.0. The impacted element is an unknown function of the file /addstudent/ of the component Add Student Module. The manipulation results in cross site scripting. It is possible to launch the attack remotely. The exploit has been...
CVE-2026-2934
A security vulnerability has been detected in YiFang CMS up to 2.0.5. This impacts the function update of the file app/db/admin/DfriendLinkGroup.php of the component Extended Management Module. The manipulation of the argument Name leads to cross site scripting. It is possible to initiate the...
CVE-2026-2934
A security vulnerability has been detected in YiFang CMS up to 2.0.5. This impacts the function update of the file app/db/admin/DfriendLinkGroup.php of the component Extended Management Module. The manipulation of the argument Name leads to cross site scripting. It is possible to initiate the...
CVE-2026-2933
A weakness has been identified in YiFang CMS up to 2.0.5. This affects the function update of the file app/db/admin/DadManage.php of the component Extended Management Module. Executing a manipulation of the argument Name can lead to cross site scripting. The attack may be performed from remote. T...
CVE-2026-2932
A security flaw has been discovered in YiFang CMS up to 2.0.5. The impacted element is the function update of the file app/db/admin/DadPosition.php of the component Extended Management Module. Performing a manipulation of the argument name/index results in cross site scripting. The attack is...
CVE-2026-2932
A security flaw has been discovered in YiFang CMS up to 2.0.5. The impacted element is the function update of the file app/db/admin/DadPosition.php of the component Extended Management Module. Performing a manipulation of the argument name/index results in cross site scripting. The attack is...
CVE-2026-2933 YiFang CMS Extended Management D_adManage.php update cross site scripting
A weakness has been identified in YiFang CMS up to 2.0.5. This affects the function update of the file app/db/admin/DadManage.php of the component Extended Management Module. Executing a manipulation of the argument Name can lead to cross site scripting. The attack may be performed from remote. T...