EUVD-2022-4606

Malicious code in bioql PyPI...

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS through the Page Title field of the /admin/cms/pagecontent/ endpoint due to improper user input sanitization. By submitting crafted input, an attacker can inject malicious scripts that are executed in the browse...

Command injection

FitNesse Wiki 20131110, 20140201, and earlier allows remote attackers to execute arbitrary commands by defining a COMMANDPATTERN and TESTRUNNER in the pageContent parameter when editing a page...

Really Simple CMS 0.3a - PT Local File Inclusion

Really Simple CMS 0.3a - PT Local File Inclusion + Really Simple CMS 0.3a pagecontent.php PT Local File Inclusion Vulnerability + Discovered By SirGod + http://insecurity-ro.org + http://h4cky0u.org + Download : http://sourceforge.net/projects/rscms/ + Local File Inclusion - Vulnerable code in...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in index.php in a Wikepage Opus 13 2007.2 and b TipiWiki 2 allow remote attackers to inject arbitrary web script or HTML via the 1 PageContent and 2 PageName parameters...

CVE-2007-5295

Multiple cross-site scripting XSS vulnerabilities in index.php in a Wikepage Opus 13 2007.2 and b TipiWiki 2 allow remote attackers to inject arbitrary web script or HTML via the 1 PageContent and 2 PageName parameters...

CVE-2007-5295

Multiple cross-site scripting XSS vulnerabilities in index.php in a Wikepage Opus 13 2007.2 and b TipiWiki 2 allow remote attackers to inject arbitrary web script or HTML via the 1 PageContent and 2 PageName parameters...