294 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-70129
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - If the anti spam-captcha functionality in PluXml versions 5.8.22 and earlier is enabled, a captcha challenge is generated with a format that can be automaticall...
Linux Distros Unpatched Vulnerability : CVE-2025-70128
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Stored Cross-Site Scripting XSS vulnerability exists in the PluXml article comments feature for PluXml versions 5.8.22 and earlier. The application fails to...
CVE-2025-70128
A Stored Cross-Site Scripting XSS vulnerability exists in the PluXml article comments feature for PluXml versions 5.8.22 and earlier. The application fails to properly sanitize or validate user-supplied input in the "link" field of a comment. An attacker can inject arbitrary JavaScript code using...
CVE-2025-70129
If the anti spam-captcha functionality in PluXml versions 5.8.22 and earlier is enabled, a captcha challenge is generated with a format that can be automatically recognized for articles, such that an automated script is able to solve this anti-spam mechanism trivially and publish spam comments. T...
EUVD-2025-208519
A Stored Cross-Site Scripting XSS vulnerability exists in the PluXml article comments feature for PluXml versions 5.8.22 and earlier. The application fails to properly sanitize or validate user-supplied input in the "link" field of a comment. An attacker can inject arbitrary JavaScript code using...
EUVD-2025-208520
If the anti spam-captcha functionality in PluXml versions 5.8.22 and earlier is enabled, a captcha challenge is generated with a format that can be automatically recognized for articles, such that an automated script is able to solve this anti-spam mechanism trivially and publish spam comments. T...
CVE-2025-70128
A Stored Cross-Site Scripting XSS vulnerability exists in the PluXml article comments feature for PluXml versions 5.8.22 and earlier. The application fails to properly sanitize or validate user-supplied input in the "link" field of a comment. An attacker can inject arbitrary JavaScript code using...
CVE-2025-70129
If the anti spam-captcha functionality in PluXml versions 5.8.22 and earlier is enabled, a captcha challenge is generated with a format that can be automatically recognized for articles, such that an automated script is able to solve this anti-spam mechanism trivially and publish spam comments. T...
UBUNTU-CVE-2025-70129
If the anti spam-captcha functionality in PluXml versions 5.8.22 and earlier is enabled, a captcha challenge is generated with a format that can be automatically recognized for articles, such that an automated script is able to solve this anti-spam mechanism trivially and publish spam comments. T...
UBUNTU-CVE-2025-70128
A Stored Cross-Site Scripting XSS vulnerability exists in the PluXml article comments feature for PluXml versions 5.8.22 and earlier. The application fails to properly sanitize or validate user-supplied input in the "link" field of a comment. An attacker can inject arbitrary JavaScript code using...
CVE-2025-70129
If the anti spam-captcha functionality in PluXml versions 5.8.22 and earlier is enabled, a captcha challenge is generated with a format that can be automatically recognized for articles, such that an automated script is able to solve this anti-spam mechanism trivially and publish spam comments. T...
PT-2026-24367
Name of the Vulnerable Software and Affected Versions PluXml versions 5.8.22 and earlier Description A Stored Cross-Site Scripting XSS issue exists in the PluXml article comments feature. The application does not properly sanitize or validate user-supplied input in the link field of a comment. An...
CVE-2025-70129
If the anti spam-captcha functionality in PluXml versions 5.8.22 and earlier is enabled, a captcha challenge is generated with a format that can be automatically recognized for articles, such that an automated script is able to solve this anti-spam mechanism trivially and publish spam comments. T...
CVE-2025-70128
A Stored Cross-Site Scripting XSS vulnerability exists in the PluXml article comments feature for PluXml versions 5.8.22 and earlier. The application fails to properly sanitize or validate user-supplied input in the "link" field of a comment. An attacker can inject arbitrary JavaScript code using...
CVE-2025-70128
A Stored Cross-Site Scripting XSS vulnerability exists in the PluXml article comments feature for PluXml versions 5.8.22 and earlier. The application fails to properly sanitize or validate user-supplied input in the "link" field of a comment. An attacker can inject arbitrary JavaScript code using...
PT-2026-24368
Name of the Vulnerable Software and Affected Versions PluXml versions 5.8.22 and earlier Description When the anti-spam captcha functionality is enabled, PluXml generates captcha challenges in a format that can be automatically recognized. This allows automated scripts to bypass the anti-spam...
PluXml 安全漏洞
PluXml is an open-source, free content management system developed by PluXml. It works without the need for a database. PluXml versions 5.8.22 and earlier have security vulnerabilities. These vulnerabilities stem from the exposure of details related to the anti-spam CAPTCHA function. This could...
PluXml 安全漏洞
PluXml is an open-source, free content management system developed by PluXml. It works without the need for a database. PluXml versions 5.8.22 and earlier contained security vulnerabilities. These vulnerabilities stemmed from insufficient cleaning or validation of user inputs related to the artic...
CVE-2025-70129
If the anti spam-captcha functionality in PluXml versions 5.8.22 and earlier is enabled, a captcha challenge is generated with a format that can be automatically recognized for articles, such that an automated script is able to solve this anti-spam mechanism trivially and publish spam comments. T...
CVE-2025-70129
CVE-2025-70129 affects PluXml versions 5.8.22 and earlier, where the anti spam-captcha mechanism can be bypassed. The captcha format is exposed in articles with comments and anti spam-captcha enabled, revealing fields such as capcha-letter, capcha-word, and capcha-token. An automated script can c...