EUVD-2026-28488

A flaw has been found in SourceCodester Comment System 1.0. This issue affects some unknown processing of the file postcomment.php. This manipulation of the argument Name causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and may be used...

CVE-2026-8126

A flaw has been found in SourceCodester Comment System 1.0. This issue affects some unknown processing of the file postcomment.php. This manipulation of the argument Name causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and may be used...

CVE-2026-8126 SourceCodester Comment System post_comment.php sql injection

A flaw has been found in SourceCodester Comment System 1.0. This issue affects some unknown processing of the file postcomment.php. This manipulation of the argument Name causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and may be used...

SourceCodester Comment System 注入漏洞

The SourceCodester Comment System is an open-source comment system developed by SourceCodester. Version 1.0 of the SourceCodester Comment System has a vulnerability caused by SQL injection due to the parameter manipulation in the file postcomment.php. This vulnerability could be exploited through...

PT-2026-38642

Name of the Vulnerable Software and Affected Versions SourceCodester Comment System version 1.0 Description An issue exists in the processing of the 'post comment.php' file. Manipulation of the Name argument allows for SQL injection, which can be exploited remotely. Recommendations At the moment,...

EUVD-2006-0988

Malware in sbrugna...

EUVD-2008-4701

Malware in sbrugna...

EUVD-2005-2817

Malware in sbrugna...

CVE-2022-4014

A vulnerability, which was classified as problematic, has been found in FeehiCMS. Affected by this issue is some unknown functionality of the component Post My Comment Tab. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The identifier of this...

CVE-2018-9121

In Crea8social 2018.2, there is Stored Cross-Site Scripting via a post comment...

Malicious code in post-comment (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-2891 Malicious code in post-comment (npm)

--- -= Per source details. Do not edit below this line.=-...

Stored XSS through post comment body

Description The body of the comment is vulnerable to Stored XSS Proof of Concept - Create a post - Comment on it, and insert alertdocument.domain in the body...

CVE-2022-4014

A vulnerability, which was classified as problematic, has been found in FeehiCMS. Affected by this issue is some unknown functionality of the component Post My Comment Tab. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The identifier of this...

Text Hover < 4.2 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitize and escape the text to hover, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed. As admin, put the following in the plugin's settings: test = "alert/XSS/ Tick the "Enable text hover in...

Edit Comments <= 0.3 - Unauthenticated SQL Injection

The plugin does not sanitise, validate or escape the jaleditcomments GET parameter before using it in a SQL statement, leading to a SQL injection issue Post a comment on a page, then open https://example.com//?jaleditcomments=7%20AND%20SELECT%209114%20FROM SELECTSLEEP5wjzD...

CVE-2020-18066

Cross Site Scripting vulnerability in ZrLog 2.1.0 via the 1 userName and 2 email parameters in post/addComment...

Cross site request forgery (csrf)

CSRF in admin/ajax-hub.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to post a comment on any article via a crafted request...

coinimaging.com XSS vulnerability

Open Bug Bounty ID: OBB-598563 Description| Value ---|--- Affected Website:| coinimaging.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

CVE-2018-9121

In Crea8social 2018.2, there is Stored Cross-Site Scripting via a post comment...