EUVD-2024-16058

Malicious code in bioql PyPI...

CVE-2024-27299

phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. A SQL injection vulnerability has been discovered in the the "Add News" functionality due to improper escaping of the email address. This allows any authenticated user with the rights to add/edi...

Cross site scripting

News functionality in Schoolbox application before version 23.1.3 is vulnerable to stored cross-site scripting allowing authenticated attacker to perform security actions in the context of the affected users...

CVE-2024-28095 Stored Cross-site Scripting in News functionality in Schoolbox

News functionality in Schoolbox application before version 23.1.3 is vulnerable to stored cross-site scripting allowing authenticated attacker to perform security actions in the context of the affected users...

PT-2024-22262 · Schoolbox · Schoolbox

Name of the Vulnerable Software and Affected Versions: Schoolbox versions prior to 23.1.3 Description: The issue concerns stored cross-site scripting in the news functionality, allowing an authenticated attacker to perform security actions in the context of affected users. Recommendations: For...