218 matches found
EUVD-2005-1105
Malware in sbrugna...
EUVD-2018-7755
Malware in sbrugna...
CVE-2025-5405
A vulnerability, which was classified as problematic, has been found in chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513. This issue affects some unknown processing of the file /post.php. The manipulation of the argument commentauthor/commentemail/commentcontent leads to cros...
CVE-2025-5405 chaitak-gorai Blogbook post.php cross site scripting
A vulnerability, which was classified as problematic, has been found in chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513. This issue affects some unknown processing of the file /post.php. The manipulation of the argument commentauthor/commentemail/commentcontent leads to cros...
CVE-2025-5405
The CVE-2025-5405 entry concerns chaitak-gorai Blogbook (up to commit 92f5cf90f8a7e6566b576fe0952e14e1c6736513) and specifies a cross-site scripting (XSS) vulnerability in processing the file /post.php. The attack is facilitated by manipulating the arguments comment_author, comment_email, or comm...
CVE-2025-5401
A vulnerability was found in chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /post.php of the component GET Parameter Handler. The manipulation of the argument pid leads...
PT-2025-23432 · Unknown · Chaitak-Gorai Blogbook
Name of the Vulnerable Software and Affected Versions: chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513 Description: A problematic issue has been found in chaitak-gorai Blogbook, affecting the processing of the file /post.php. The manipulation of the arguments comment author,...
Blogbook injection vulnerability
Blogbook is a content management system project by the individual developer Chaitak Gorai. Blogbook has an injection vulnerability that stems from SQL injection in the parameter pid in the file /post.php...
CVE-2022-28524
ED01-CMS v20180505 was discovered to contain a SQL injection vulnerability via the component post.php...
PT-2025-20925 · Unknown · Bootstrap-Multiselect
Name of the Vulnerable Software and Affected Versions: bootstrap-multiselect version 1.1.2 Description: An issue was discovered in post.php, where a PHP script echoes arbitrary POST data. This could create a Reflective Cross-Site Scripting (XSS) vulnerability exploitable through Cross-Site Request...
CVE-2024-3767 PHPGurukul News Portal edit-post.php sql injection
A vulnerability classified as critical was found in PHPGurukul News Portal 4.1. This vulnerability affects unknown code of the file /admin/edit-post.php. The manipulation of the argument posttitle/category leads to sql injection. The attack can be initiated remotely. The exploit has been disclose...
CVE-2023-52264
The beesblog aka Bees Blog component before 1.6.2 for thirty bees allows Reflected XSS because controllers/front/post.php sharingurl is mishandled...
CVE-2023-7035
Automad (versions up to 1.10.9) is affected by a cross-site scripting flaw in the Setting Handler, specifically in the sitename argument processed by the post.php endpoint under packages/standard/templates/post.php. The issue is triggered by unsanitized input and may be exploitable remotely; mult...
CVE-2023-7035 automad Setting post.php cross site scripting
A vulnerability was found in automad up to 1.10.9 and classified as problematic. Affected by this issue is some unknown functionality of the file packages\standard\templates\post.php of the component Setting Handler. The manipulation of the argument sitename leads to cross site scripting. The...
Cross site scripting
A vulnerability classified as problematic has been found in SourceCodester Online Discussion Forum Site 1.0. Affected is an unknown function of the file admin\posts\managepost.php. The manipulation of the argument content leads to cross site scripting. It is possible to launch the attack remotely...
PT-2023-11366 · WordPress · The Coming Soon Page & Maintenance Mode
Name of the Vulnerable Software and Affected Versions: The Coming Soon Page & Maintenance Mode plugin for WordPress versions up to, and including 1.8.1 Description: The issue is related to missing capability checks in the /functions/data-reset-post.php file, allowing unauthenticated attackers to...
CVE-2023-29847
AeroCMS v0.0.1 was discovered to contain multiple stored cross-site scripting (XSS) vulnerabilities via the commentauthor and commentcontent parameters at /post.php. These vulnerabilities allow attackers to execute arbitrary web scripts or HTML via a crafted payload...
AeroCMS cross-site scripting vulnerability
AeroCMS is a content management system from the American company AeroCMS. AeroCMS version v0.0.1 suffers from a cross-site scripting vulnerability that stems from the commentauthor and commentcontent parameters of /post.php failing to properly validate user input. An attacker can exploit this...
AeroCMS SQL injection vulnerability
AeroCMS is a content management system from the American company AeroCMS. AeroCMS version v0.0.1 suffers from a security vulnerability that stems from the pid parameter of its post.php component that allows an attacker to implement a SQL injection resulting in access to database information...