gougucms 代码注入漏洞

gougucms gougucms CMS is China's gougu gougu open source based on ThinkPHP6 + Layui + MySql to create a lightweight general-purpose back-end management framework . gougucms 4.08.18 version of the code injection vulnerability, the vulnerability stems from cross-site scripting, may lead to a remote...

PHPGurukul Human Metapneumovirus Testing Management System 代码注入漏洞

PHPGurukul Human Metapneumovirus Testing Management System is a human subpneumovirus testing management system from PHPGurukul, Inc. A code injection vulnerability exists in version 1.0 of the PHPGurukul Human Metapneumovirus Testing Management System, which originates from cross-site scripting a...

FS S3150-8T2F 跨站脚本漏洞

FS S3150-8T2F is a switch from FS. A cross-site scripting vulnerability exists in versions prior to FS S3150-8T2F S3150-8T2F2.2.0D135103, which originates from cross-site scripting and could lead to arbitrary script execution...

Dassault Systèmes ENOVIA Collaborative Industry Innovator 安全漏洞

Dassault Systèmes ENOVIA Collaborative Industry Innovator is an essential toolset for real-time, secure and structured collaboration and product content management for an engineering team at Dassault Systèmes France. A security vulnerability exists in Dassault Systèmes ENOVIA Collaborative Indust...

Dassault Systèmes ENOVIA Collaborative Industry Innovator 安全漏洞

Dassault Systèmes ENOVIA Collaborative Industry Innovator is an essential toolset for real-time, secure and structured collaboration and product content management for an engineering team at Dassault Systèmes France. A security vulnerability exists in Dassault Systèmes ENOVIA Collaborative Indust...

Dassault Systèmes ENOVIA Collaborative Industry Innovator 跨站脚本漏洞

Dassault Systèmes ENOVIA Collaborative Industry Innovator is an essential toolset for real-time, secure and structured collaboration and product content management for an engineering team at Dassault Systèmes, France. A cross-site scripting vulnerability exists in Dassault Systèmes ENOVIA...

CVE-2025-25612

FS Inc S3150-8T2F prior to version S3150-8T2F2.2.0D135103 is vulnerable to Cross Site Scripting XSS in the Time Range Configuration functionality of the administration interface. An attacker can inject malicious JavaScript into the "Time Range Name" field, which is improperly sanitized. When this...

Dassault Systèmes ENOVIA Collaborative Industry Innovator 安全漏洞

Dassault Systèmes ENOVIA Collaborative Industry Innovator is an essential toolset for real-time, secure and structured collaboration and product content management for an engineering team at Dassault Systèmes France. A security vulnerability exists in Dassault Systèmes ENOVIA Collaborative Indust...

FileCloud 安全漏洞

FileCloud is an ultra-secure content collaboration platform from US-based FileCloud, Inc. offering industry-leading compliance, data governance, data leakage protection, data retention and digital rights management capabilities. A security vulnerability exists in FileCloud version v23.241.2, whic...

Important: libreoffice security update

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...

CVE-2025-25925

A stored cross-scripting XSS vulnerability in Openmrs v2.4.3 Build 0ff0ed allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the personName.middleName parameter at /openmrs/admin/patients/shortPatientForm.form...

Leica Biosystems Aperio Eslide Manager 跨站脚本漏洞

Leica Biosystems Aperio Eslide Manager is a digital pathology management software from Leica Biosystems that can be used to organize and manage virtual microscope slide image files. A cross-site scripting vulnerability exists in Leica Biosystems Aperio Eslide Manager that originates from reflecti...

CVE-2024-55060

A cross-site scripting XSS vulnerability in the component index.php of Rafed CMS Website v1.44 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

CVE-2024-55060

CVE-2024-55060 affects Rafed CMS Website v1.44, with a cross-site scripting (XSS) vulnerability in the component index.php that allows an attacker to execute arbitrary web scripts/HTML via a crafted payload. The CVE entry documents a network-vector, low-privilege, user-interaction-required vulner...

Online Class and Exam Scheduling System profile.php file cross-site scripting vulnerability

Online Class and Exam Scheduling System is an online class and exam scheduling system. Online Class and Exam Scheduling System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameter username in the file...

CVE-2024-55060

A cross-site scripting XSS vulnerability in the component index.php of Rafed CMS Website v1.44 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

TRENDnet TEW-929DRU /addschedule.htm page cross-site scripting vulnerability

The TRENDnet TEW-929DRU is a wireless router from TRENDnet. The TRENDnet TEW-929DRU version 1.0.0.10 suffers from a cross-site scripting vulnerability that originates from the lack of effective filtering and escaping of user-supplied data in the rname variable within the havesamename function on...

SAP Business Objects Business Intelligence Platform 跨站脚本漏洞

SAP Business Objects Business Intelligence Platform is a suite of business intelligence software and enterprise performance solutions from SAP. SAP Business Objects Business Intelligence Platform suffers from a cross-site scripting vulnerability that stems from the application's lack of effective...

CVE-2025-25925

A stored cross-scripting XSS vulnerability in Openmrs v2.4.3 Build 0ff0ed allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the personName.middleName parameter at /openmrs/admin/patients/shortPatientForm.form...

WordPress plugin amoCRM WebForm 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in WordPress plugin amoCR...