CVE-2025-53820

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting XSS vulnerability was identified in the index.php endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers to inject...

CVE-2025-49583

XWiki is a generic wiki platform. When a user without script right creates a document with an XWiki.Notifications.Code.NotificationEmailRendererClass object, and later an admin edits and saves that document, the email templates in this object will be used for notifications. No malicious code can ...

Update Rollup 3 for System Center 2016 Operations Manager

Update Rollup 3 for System Center 2016 Operations Manager Introduction This article describes the issues that are fixed in Update Rollup 3 for Microsoft System Center 2016 Operations Manager. This article also contains the installation instructions for this update. Issues that are fixed When you...

PYSEC-2014-59

Multiple open redirect vulnerabilities in 1 marmosetpatch.py, 2 publish.py, and 3 principiaredirect.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors...

cgi vulnerability

hi all I found a security hole in Book of guests and Post it! written by Seth Leonard. It is available at http://www.dreamcachersweb.com The problem is that this script doesn't filter out ANY metacharacters from the input and pass it to the shell. Therefore by writing something like...