32 matches found

ATTACKERKB
added 2026/03/15 6:34 p.m. · 1 views

CVE-2015-20113

Next Click Ventures RealtyScript 4.0.2 contains cross-site request forgery and persistent cross-site scripting vulnerabilities that allow attackers to perform administrative actions and inject malicious scripts. Attackers can craft malicious web pages that execute unauthorized actions when...

5.7 AI score · 0.00039 EPSS
Exploits: 2 · References: 3 · Affected Software: 1

Cvelist
added 2026/03/15 6:34 p.m. · 18 views

CVE-2015-20113 RealtyScript 4.0.2 Multiple Cross-Site Request Forgery and Persistent Cross-Site Scripting Vulnerabilities

Next Click Ventures RealtyScript 4.0.2 contains cross-site request forgery and persistent cross-site scripting vulnerabilities that allow attackers to perform administrative actions and inject malicious scripts. Attackers can craft malicious web pages that execute unauthorized actions when...

6.9 CVSS · 0.00039 EPSS
Exploits: 2 · References: 3

Positive Technologies
added 2026/01/21 12:0 a.m. · 3 views

PT-2026-3867

Saleor is an e-commerce platform. Starting in version 3.0.0 and prior to versions 3.20.108, 3.21.43, and 3.22.27, Saleor allowed authenticated staff users or Apps to upload arbitrary files, including malicious HTML and SVG files containing JavaScript. Depending on the deployment strategy, these...

8.5 CVSS · 5.9 AI score · 0.00061 EPSS
Exploits: 1 · References: 8

RedhatCVE
added 2025/12/12 8:6 a.m. · 1 views

CVE-2025-12029

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.11 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have, under certain circumstances, allowed an unauthenticated user to perform unauthorized actions on behalf of another user by injecting malicious...

8 CVSS · 6.9 AI score · 0.00106 EPSS
Exploits: 0 · References: 1

Positive Technologies
added 2025/12/10 12:0 a.m. · 2 views

PT-2025-50447

Name of the Vulnerable Software and Affected Versions: Adobe Experience Manager versions 6.5.23 and earlier
Description: A stored Cross-Site Scripting (XSS) issue exists in Adobe Experience Manager. A low privileged attacker could inject malicious scripts into vulnerable form fields. Execution of...

5.4 CVSS · 5.5 AI score · 0.00025 EPSS
Exploits: 0 · References: 4

Positive Technologies
added 2025/10/09 12:0 a.m. · 2 views

PT-2025-41427

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos Space versions prior to 24.1R4
Description: An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') issue exists in Juniper Networks Junos Space. This allows an attacker to inject script tags...

6.1 CVSS · 6.8 AI score · 0.00035 EPSS
Exploits: 0 · References: 3

EUVD
added 2025/10/07 12:30 a.m. · 1 views

EUVD-2006-4896

Malware in sbrugna...

2.6 CVSS · 6.4 AI score · 0.00519 EPSS
Exploits: 0 · References: 8

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2009-4166

Malware in sbrugna...

4.3 CVSS · 6.4 AI score · 0.00758 EPSS
Exploits: 1 · References: 4

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2007-3205

Malware in sbrugna...

4.3 CVSS · 6.4 AI score · 0.00507 EPSS
Exploits: 0 · References: 7

EUVD
added 2025/10/07 12:30 a.m. · 1 views

EUVD-2007-3070

Malware in sbrugna...

4.3 CVSS · 6.4 AI score · 0.00507 EPSS
Exploits: 0 · References: 8

EUVD
added 2025/10/07 12:30 a.m. · 0 views

EUVD-2006-0253

Malware in sbrugna...

4.3 CVSS · 6.4 AI score · 0.00871 EPSS
Exploits: 1 · References: 8

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2007-4195

Malware in sbrugna...

4.3 CVSS · 6.4 AI score · 0.00333 EPSS
Exploits: 0 · References: 5

EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2025-17892

Malicious code in bioql PyPI...

5.4 CVSS · 6.4 AI score · 0.00172 EPSS
Exploits: 0 · References: 2

RedhatCVE
added 2025/05/22 3:37 a.m. · 4 views

CVE-2015-5355

Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS before 3.3.6 allow remote attackers to inject arbitrary web script or HTML via the (1) post-content or (2) post-title parameter to admin/edit.php...

4.3 CVSS · 6 AI score · 0.00296 EPSS
Exploits: 1 · References: 1

RedhatCVE
added 2025/02/05 12:26 p.m. · 7 views

CVE-2024-43782

This openedx-translations repository contains translation files from Open edX repositories to be kept in sync with Transifex. Before moving to pulling translations from the openedx-translations repository via openedx-atlas, translations in the edx-platform repository were validated using...

9.8 CVSS · 6.7 AI score · 0.00632 EPSS
Exploits: 0 · References: 1

Positive Technologies
added 2025/01/04 12:0 a.m. · 2 views

PT-2025-1800 · WordPress · Wp Social Autoconnect

Name of the Vulnerable Software and Affected Versions: WP Social AutoConnect plugin for WordPress versions up to, and including, 4.6.2
Description: The issue is due to missing or incorrect nonce validation on a function, making it possible for unauthenticated attackers to inject malicious web...

6.1 CVSS · 9.4 AI score · 0.00361 EPSS
Exploits: 0 · References: 10

NVD
added 2024/08/23 3:15 p.m. · 15 views

CVE-2024-43782

This openedx-translations repository contains translation files from Open edX repositories to be kept in sync with Transifex. Before moving to pulling translations from the openedx-translations repository via openedx-atlas, translations in the edx-platform repository were validated using...

9.8 CVSS · 0.00632 EPSS
Exploits: 0 · References: 3

Vulnrichment
added 2024/08/23 2:35 p.m. · 13 views

CVE-2024-43782 openedx-translations's Atlas translations for Open edX missing validation

This openedx-translations repository contains translation files from Open edX repositories to be kept in sync with Transifex. Before moving to pulling translations from the openedx-translations repository via openedx-atlas, translations in the edx-platform repository were validated using...

7.7 CVSS · 6.8 AI score · 0.00632 EPSS
Exploits: 0 · References: 3

CVE
added 2024/08/23 2:35 p.m. · 48 views

CVE-2024-43782

Technical details about CVE-2024-43782 are not publicly provided in the supplied documents. Monitor for updates as affected versions, exploit availability, and fixes may be disclosed in future advisories.

9.8 CVSS · 7.6 AI score · 0.00632 EPSS
Exploits: 0 · References: 3 · Affected Software: 1

Positive Technologies
added 2024/06/27 12:0 a.m. · 2 views

PT-2024-15930

Name of the Vulnerable Software and Affected Versions: Elektraweb versions prior to 17.0.68
Description: The issue is related to improper access control, missing authorization, and incorrect permission assignment for critical resources. It allows for exploiting incorrectly configured access control...

9.8 CVSS · 6.6 AI score · 0.00027 EPSS
Exploits: 0 · References: 4