EUVD-2025-204095

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Schiocco Support Board supportboard allows Reflected XSS.This issue affects Support Board: from n/a through 3.8.7...

CVE-2025-60182

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Schiocco Support Board supportboard allows Reflected XSS.This issue affects Support Board: from n/a through 3.8.7...

PT-2025-52151

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Schiocco Support Board supportboard allows Reflected XSS.This issue affects Support Board: from n/a through 3.8.7...

EUVD-2018-10104

Malware in sbrugna...

EUVD-2025-25345

Malicious code in bioql PyPI...

EUVD-2025-25317

Malicious code in bioql PyPI...

CVE-2025-54027

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Schiocco Support Board supportboard allows Reflected XSS.This issue affects Support Board: from n/a through = 3.8.0...

CVE-2025-54031

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Schiocco Support Board supportboard allows PHP Local File Inclusion.This issue affects Support Board: from n/a through = 3.8.0...

CVE-2025-54031

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Schiocco Support Board supportboard allows PHP Local File Inclusion.This issue affects Support Board: from n/a through = 3.8.0...

CVE-2025-54027

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Schiocco Support Board supportboard allows Reflected XSS.This issue affects Support Board: from n/a through = 3.8.0...

CVE-2025-54027

CVE-2025-54027 is a reflected XSS in WordPress plugin Support Board (Schiocco) affecting versions up to 3.8.0. The issue arises from improper input neutralization during web page generation, enabling cross-site scripting reflections. CVSS base score is 7.1 (HIGH) with network attack vector, user ...

CVE-2025-54031

CVE-2025-54031 is a PHP Local File Inclusion in WordPress Support Board, caused by improper control of filename for include/require statements. Affected: Support Board versions through 3.8.0. Impact: PHP LFI leading to access to local files; CVSS metrics indicate HIGH severity. Remediation: a fix...

CVE-2025-54031 WordPress Support Board <= 3.8.0 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Schiocco Support Board supportboard allows PHP Local File Inclusion.This issue affects Support Board: from n/a through = 3.8.0...

PT-2025-34007 · Unknown · Schiocco Support Board

Name of the Vulnerable Software and Affected Versions: Schiocco Support Board versions through 3.8.0 Description: The software contains an improper control of filename for include/require statements, leading to a PHP local file inclusion issue. Recommendations: Versions prior to 3.8.0 are affecte...

PT-2025-34005 · Unknown · Schiocco Support Board

Name of the Vulnerable Software and Affected Versions: Schiocco Support Board versions through 3.8.0 Description: Improper neutralization of input during web page generation allows reflected cross-site scripting XSS. Recommendations: Update Schiocco Support Board to a version later than 3.8.0...

WordPress Support Board plugin <= 3.8.0 - Unauthenticated Authorization Bypass due to Use of Default Secret Key vulnerability

Unauthenticated Authorization Bypass due to Use of Default Secret Key vulnerability discovered by Foxyyy in WordPress Plugin Support Board versions = 3.8.0...

CVE-2018-18373

In the Schiocco "Support Board - Chat And Help Desk" plugin 1.2.3 for WordPress, a Stored XSS vulnerability has been discovered in file upload areas in the Chat and Help Desk sections via the msg parameter in a /wp-admin/admin-ajax.php sbajaxaddmessage action...

Cross site scripting

In the Schiocco "Support Board - Chat And Help Desk" plugin 1.2.3 for WordPress, a Stored XSS vulnerability has been discovered in file upload areas in the Chat and Help Desk sections via the msg parameter in a /wp-admin/admin-ajax.php sbajaxaddmessage action...

CVE-2018-18373

CVE-2018-18373 concerns the Schiocco “Support Board – Chat And Help Desk” WordPress plugin (version 1.2.3). The stored XSS occurs in file upload areas within the Chat and Help Desk sections via the msg parameter in the /wp-admin/admin-ajax.php sb_ajax_add_message action. Multiple connected source...

Wordpress Support Board 1.2.3 Plugin - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Wordpress Plugin Support Board 1.2.3 - Cross-Site Scripting Exploit Author: Ismail Tasdelen Vendor Homepage: https://schiocco.com/ Software Link : https://board.support/ Software : Support Board - Chat And Help Desk Version :...