CVE-2025-64356

The CVE-2025-64356 case concerns the WordPress Insert PHP Code Snippet plugin (insert-php-code-snippet) with versions up to 1.4.3. The root cause is a missing/incorrect authorization (broken access control) vulnerability that could allow unauthorized access due to misconfigured access control sec...

EUVD-2004-1740

Malware in sbrugna...

EUVD-2024-40167

Malicious code in bioql PyPI...

CVE-2024-0658

The Insert PHP Code Snippet plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the user's name when accessing the insert-php-code-snippet-manage page in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping. This makes it possible f...

CVE-2024-43275

Cross-Site Request Forgery CSRF vulnerability in xyzscripts.Com Insert PHP Code Snippet.This issue affects Insert PHP Code Snippet: from n/a through 1.3.6...

CVE-2024-43275

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Collision with another CVE...

CVE-2024-43275

...

CVE-2024-43275

The CVE-2024-43275 entry maps to a CSRF vulnerability in the WordPress plugin “Insert PHP Code Snippet” (versions

CVE-2024-43275

...

WordPress Insert PHP Code Snippet plugin <= 1.3.6 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Insert PHP Code Snippet versions = 1.3.6...

Cross site scripting

The Insert PHP Code Snippet plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the user's name when accessing the insert-php-code-snippet-manage page in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping. This makes it possible f...

Win32.MarsStealer Web Panel Cross Site Scripting

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/8abb41f6e7010d70c90f65fd9a740faaB.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Win32.MarsStealer Web Panel Vulnerability: Unauthenticated Remote Persistent XSS Description: The...

CVE-2004-1746

Cross-site scripting XSS vulnerability in index.php in PHP Code Snippet Library allows remote attackers to inject arbitrary web script or HTML via the 1 catselect or 2 show parameters...

CVE-2004-1746

The CVE-2004-1746 entry describes a Cross-site scripting (XSS) vulnerability in PHP Code Snippet Library’s index.php, exploitable via the cat_select and show parameters. The underlying issue is inadequate input sanitization in index.php, allowing remote attackers to inject arbitrary JavaScript in...

CVE-2004-1746

Cross-site scripting XSS vulnerability in index.php in PHP Code Snippet Library allows remote attackers to inject arbitrary web script or HTML via the 1 catselect or 2 show parameters...

PHP Code Snippet Library index.php Multiple Parameter XSS

The remote host is running PHP Code Snippet Library PHP-CSL, a library written in PHP. The remote version of this software fails to sanitize input to the 'catselect' parameter of the 'index.php' script. This can be used to take advantage of the trust between a client and server allowing the...

PHP Code Snippet Library 'index.php' XSS

Binary data 2149.prm...