
34 matches found

Positive Technologies
added 2025/11/11 12:0 a.m. · 1 view

PT-2025-46528

Name of the Vulnerable Software and Affected Versions: Lite XL versions prior to 2.1.9. Description: Lite XL automatically executes the .lite_project.lua file when opening a project directory without user confirmation. This file is designed for project configuration but can contain executable Lua...

AI score 7.6 · EPSS 0.00034
Exploits: 1 · References: 6

Positive Technologies
added 2025/11/11 12:0 a.m. · 1 view

PT-2025-46529

Name of the Vulnerable Software and Affected Versions: Lite XL versions 2.1.8 and prior. Description: Lite XL is a lightweight, cross-platform text editor written in Lua and C, designed for extensibility via plugins and project-specific modules. The application executes project-level Lua modules and...

CVSS 7.3 · AI score 7.4 · EPSS 0.00024
Exploits: 1 · References: 14

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2006-2261

Malware in sbrugna...

CVSS 4.3 · AI score 6.4 · EPSS 0.00427
Exploits: 0 · References: 6

EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2007-4419

Malware in sbrugna...

CVSS 5 · AI score 6.4 · EPSS 0.00351
Exploits: 0 · References: 6

EUVD
added 2025/10/03 8:7 p.m. · 1 view

EUVD-2025-31024

Malicious code in bioql PyPI...

CVSS 4.8 · AI score 6.6 · EPSS 0.00063
Exploits: 1 · References: 1

NVD
added 2025/09/24 6:15 p.m. · 2 views

CVE-2025-48867

Horilla is a free and open source Human Resource Management System (HRMS). A stored cross-site scripting (XSS) vulnerability in Horilla HRM 1.3.0 allows authenticated admin or privileged users to inject malicious JavaScript payloads into multiple fields in the Project and Task modules. These payloads...

CVSS 4.8 · EPSS 0.00063
Exploits: 1 · References: 1

CVE
added 2025/09/24 5:25 p.m. · 10 views

CVE-2025-48867

CVE-2025-48867 describes a stored cross-site scripting (XSS) vulnerability in Horilla HRM 1.3.0. The issue allows authenticated admin/privileged users to inject malicious JavaScript into multiple fields in the Project and Task modules; payloads are stored in the database and execute when viewed b...

CVSS 4.8 · AI score 5.3 · EPSS 0.00063
Exploits: 1 · References: 1 · Affected Software: 1

Cvelist
added 2025/09/24 5:25 p.m. · 5 views

CVE-2025-48867 Horilla Stored Cross-Site Scripting (XSS) Vulnerability in Project and Task Modules

Horilla is a free and open source Human Resource Management System (HRMS). A stored cross-site scripting (XSS) vulnerability in Horilla HRM 1.3.0 allows authenticated admin or privileged users to inject malicious JavaScript payloads into multiple fields in the Project and Task modules. These payloads...

CVSS 4.8 · EPSS 0.00063
Exploits: 1 · References: 1

Vulnrichment
added 2025/09/24 5:25 p.m. · 2 views

CVE-2025-48867 Horilla Stored Cross-Site Scripting (XSS) Vulnerability in Project and Task Modules

Horilla is a free and open source Human Resource Management System (HRMS). A stored cross-site scripting (XSS) vulnerability in Horilla HRM 1.3.0 allows authenticated admin or privileged users to inject malicious JavaScript payloads into multiple fields in the Project and Task modules. These payloads...

CVSS 4.8 · AI score 5.3 · EPSS 0.00063
Exploits: 1 · References: 1

OSV
added 2025/09/24 5:25 p.m. · 2 views

CVE-2025-48867 Horilla Stored Cross-Site Scripting (XSS) Vulnerability in Project and Task Modules

Horilla is a free and open source Human Resource Management System (HRMS). A stored cross-site scripting (XSS) vulnerability in Horilla HRM 1.3.0 allows authenticated admin or privileged users to inject malicious JavaScript payloads into multiple fields in the Project and Task modules. These payloads...

CVSS 4.8 · AI score 5.7 · EPSS 0.00063
Exploits: 1 · References: 3

CNNVD
added 2025/09/24 12:0 a.m. · 2 views

Horilla cross-site scripting vulnerability

Horilla is a free and open source human resources software from Horilla, Inc. A cross-site scripting vulnerability exists in Horilla version 1.3.0, which stems from multiple fields in the Project and Task modules not being properly cleared for user input, and could lead to a stored cross-site...

CVSS 4.8 · AI score 5.9 · EPSS 0.00063
Exploits: 1 · References: 2

Positive Technologies
added 2025/09/24 12:0 a.m. · 2 views

PT-2025-39309

Name of the Vulnerable Software and Affected Versions: Horilla HRM version 1.3.0. Description: Horilla is a free and open source Human Resource Management System (HRMS). A stored cross-site scripting (XSS) issue in Horilla HRM version 1.3.0 allows authenticated admin or privileged users to inject...

CVSS 4.8 · AI score 5.6 · EPSS 0.00063
Exploits: 1 · References: 4

RedhatCVE
added 2025/05/22 9:9 p.m. · 5 views

CVE-2021-45041

SuiteCRM before 7.12.2 and 8.x before 8.0.1 allows authenticated SQL injection via the Tooltips action in the Project module, involving resourceid and startdate...

CVSS 8.8 · AI score 7.8 · EPSS 0.13282
Exploits: 2

RedhatCVE
added 2025/02/14 11:43 a.m. · 6 views

CVE-2024-29737

In streampark, the project module integrates Maven's compilation capabilities. The input parameter validation is not strict, allowing attackers to insert commands for remote command execution. The prerequisite for a successful attack is that the user needs to log in to the streampark system and...

CVSS 8.8 · AI score 7.5 · EPSS 0.00749
Exploits: 0 · References: 1

NVD
added 2024/07/17 9:15 a.m. · 30 views

CVE-2023-52291

In streampark, the project module integrates Maven's compilation capabilities. The input parameter validation is not strict, allowing attackers to insert commands for remote command execution. The prerequisite for a successful attack is that the user needs to log in to the streampark system and...

CVSS 8.8 · EPSS 0.00397
Exploits: 0 · References: 2

OSV
added 2024/07/17 9:15 a.m. · 14 views

CVE-2024-29737

In streampark, the project module integrates Maven's compilation capabilities. The input parameter validation is not strict, allowing attackers to insert commands for remote command execution. The prerequisite for a successful attack is that the user needs to log in to the streampark system and...

CVSS 4.7 · AI score 5.2
Exploits: 0 · References: 2

Positive Technologies
added 2024/07/17 12:0 a.m. · 2 views

PT-2024-5250 · Apache · Apache Streampark

Name of the Vulnerable Software and Affected Versions: Apache StreamPark versions prior to 2.1.4 Description: The issue is related to incorrect handling of the character in the Project Module of Apache StreamPark, allowing remote attackers to execute arbitrary commands. The vulnerability can be...

CVSS 8.8 · AI score 7.5 · EPSS 0.00749
Exploits: 0 · References: 8

OSV
added 2024/03/06 11:9 a.m. · 10 views

BIT-SUITECRM-2021-45041

SuiteCRM before 7.12.2 and 8.x before 8.0.1 allows authenticated SQL injection via the Tooltips action in the Project module, involving resourceid and startdate...

CVSS 8.8 · AI score 9 · EPSS 0.13282
Exploits: 2 · References: 4

GithubExploit
added 2021/12/27 7:29 p.m. · 614 views

Exploit for SQL Injection in Salesagility Suitecrm

CVE-2021-45041 PoC for CVE-2021-45041 https://cve.mitre.org...

CVSS 8.8 · AI score 8.9 · EPSS 0.13282
Exploits: 2

NVD
added 2021/12/19 9:15 a.m. · 11 views

CVE-2021-45041

SuiteCRM before 7.12.2 and 8.x before 8.0.1 allows authenticated SQL injection via the Tooltips action in the Project module, involving resourceid and startdate...

CVSS 8.8 · EPSS 0.13282
Exploits: 2 · References: 3