621 matches found
CVE-2026-59794
JetBrains TeamCity (pre-2026.1.2) is affected by a stored XSS on the cloud profile page due to agent-reported data. The issue enables an attacker with low privileges and network access to trigger a stored XSS that can impact user confidentiality and integrity, with user interaction required. The ...
EUVD-2026-42912
In JetBrains TeamCity before 2026.1.2 stored XSS on the cloud profile page was possible via agent-reported data...
CVE-2026-59794
In JetBrains TeamCity before 2026.1.2 stored XSS on the cloud profile page was possible via agent-reported data...
CVE-2025-11977
creationtimestamp| type| source ---|---|--- 2026-07-10 11:55:25+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqc3pc2czt2a 2026-07-10 21:16:28+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqd32j7xs42d...
PT-2026-57185
Name of the Vulnerable Software and Affected Versions JetBrains TeamCity versions prior to 2026.1.2 Description Stored Cross-Site Scripting XSS is possible on the cloud profile page. This occurs when the application fails to properly sanitize data reported by agents, allowing an attacker to injec...
CVE-2026-14403
creationtimestamp| type| source ---|---|--- 2026-07-02 00:18:15+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpmqzc7uwk2k 2026-07-02 08:25:21+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260702 2026-07-02 16:51:23+00:00| seen|...
CVE-2026-53350
creationtimestamp| type| source ---|---|--- 2026-07-01 22:46:32+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpmlvbdcrx2y 2026-07-06 06:53:16+00:00| seen| https://www.hkcert.org/security-bulletin/debian-linux-kernel-multiple-vulnerabilities20260706...
CVE-2026-53346
creationtimestamp| type| source ---|---|--- 2026-07-01 22:45:50+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpmltzqbsd2y...
CVE-2026-13554
creationtimestamp| type| source ---|---|--- 2026-06-29 12:06:16+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpgh6k26bc25...
CVE-2026-13542
A security vulnerability has been detected in itsourcecode Hospital Management System 1.0. Affected is an unknown function of the file /doctorprofile.php. The manipulation of the argument doctorname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...
CVE-2026-12207
creationtimestamp| type| source ---|---|--- 2026-06-15 04:33:34+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3moche6j44n27...
CVE-2026-41862
creationtimestamp| type| source ---|---|--- 2026-06-11 12:40:07+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mnzaoi3n5f2d 2026-06-24 00:10:28+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3moymtyjg6x2a 2026-06-24 00:16:48+00:00| seen|...
CVE-2026-53740
creationtimestamp| type| source ---|---|--- 2026-06-10 23:17:59+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnxtu746tt23...
CVE-2026-36388
A Cross-Site Scripting XSS vulnerability was found in PHPGurukal Hospital Management System v4.0 in the /hospital/hms/edit-profile.php page. This flaw allows an authenticated attacker patient to inject a malicious script payload into the User Name parameter, which is stored in the application and...
CVE-2026-48597
creationtimestamp| type| source ---|---|--- 2026-06-02 20:46:17+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mndhnkma2l2j 2026-07-10 01:12:43+00:00| seen| https://gist.github.com/alon710/c57bf8187a7fb4d8c5e9247f7948a17b 2026-07-10 02:35:05+00:00| published-proof-of-concept|...
CVE-2026-7312
creationtimestamp| type| source ---|---|--- 2026-06-02 18:01:35+00:00| seen| https://bsky.app/profile/hugovalters.bsky.social/post/3mnd6h2hiip2w 2026-06-03 02:00:40+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mndz7plsio22 2026-06-04 14:37:07+00:00| seen|...
CVE-2018-25382
Zechat 1.5 contains an SQL injection in the uname parameter that allows unauthenticated attackers to extract database information by injecting SQL through profile.php. The described payloads use UNION-based injections to enumerate table names, column names, and sensitive data from information_sch...
PT-2026-44860
Zechat 1.5 contains an SQL injection vulnerability that allows unauthenticated attackers to extract database information by injecting SQL code through the uname parameter. Attackers can send crafted requests to profile.php with UNION-based SQL injection payloads to retrieve table names, column...
CVE-2024-47097
creationtimestamp| type| source ---|---|--- 2026-05-28 11:58:19+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmvxsm7e2o2e...
CVE-2026-42197
RELATE is a web-based courseware package. Versions prior to commit 555f0efb1c5bd7531c07cd73724d7e566a81f620 have a stored cross-site scripting vulnerability that allows any enrolled student to execute arbitrary JavaScript in an administrator's browser session, potentially leading to full admin...