EUVD-2019-20167

Zuz Music 2.1 contains a persistent cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious JavaScript by submitting crafted contact form data. Attackers can inject script code through the name, subject, and message parameters in POST requests to...

CVE-2019-25731 Zuz Music 2.1 Persistent Cross-site Scripting via zuzconsole Contact

Zuz Music 2.1 contains a persistent cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious JavaScript by submitting crafted contact form data. Attackers can inject script code through the name, subject, and message parameters in POST requests to...

CVE-2019-25731 Zuz Music 2.1 Persistent Cross-site Scripting via zuzconsole Contact

Zuz Music 2.1 contains a persistent cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious JavaScript by submitting crafted contact form data. Attackers can inject script code through the name, subject, and message parameters in POST requests to...

CVE-2026-10810 itsourcecode Fees Management System navbar.php cross site scripting

A weakness has been identified in itsourcecode Fees Management System up to 1.0. Affected is an unknown function of the file /navbar.php. This manipulation of the argument page causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been made available to t...

EUVD-2026-34261

A weakness has been identified in itsourcecode Fees Management System up to 1.0. Affected is an unknown function of the file /navbar.php. This manipulation of the argument page causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been made available to t...

CVE-2026-10810

A weakness has been identified in itsourcecode Fees Management System up to 1.0. Affected is an unknown function of the file /navbar.php. This manipulation of the argument page causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been made available to t...

CVE-2026-10810 itsourcecode Fees Management System navbar.php cross site scripting

A weakness has been identified in itsourcecode Fees Management System up to 1.0. Affected is an unknown function of the file /navbar.php. This manipulation of the argument page causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been made available to t...

CVE-2026-10810

CVE-2026-10810 affects itsourcecode Fees Management System up to version 1.0. The vulnerability resides in an unknown function of /navbar.php, whose manipulation leads to cross-site scripting. Exploitation is possible remotely and PoCs exist publicly. The CVE metrics indicate a MEDIUM severity (v...

CVE-2025-52612

HCL iControl was affected by Export CSV - CSV Injection vulnerability. It is vulnerable to a reflected cross-site scripting vulnerability. This was caused by an insufficient sanitation of input parameters...

CVE-2025-52609

HCL iControl was affected by Missing Security Headers vulnerability. which lead to cross-site scripting XSS attacks by enabling the built-in XSS filtering mechanisms of modern web browsers...

CVE-2025-52609 HCL iControl was affected by Missing Security Headers vulnerability.

HCL iControl was affected by Missing Security Headers vulnerability. which lead to cross-site scripting XSS attacks by enabling the built-in XSS filtering mechanisms of modern web browsers...

CVE-2025-52609

HCL iControl was affected by Missing Security Headers vulnerability. which lead to cross-site scripting XSS attacks by enabling the built-in XSS filtering mechanisms of modern web browsers...

EUVD-2025-210060

HCL iControl was affected by Missing Security Headers vulnerability. which lead to cross-site scripting XSS attacks by enabling the built-in XSS filtering mechanisms of modern web browsers...

CVE-2025-52609

HCL iControl was affected by Missing Security Headers vulnerability. which lead to cross-site scripting XSS attacks by enabling the built-in XSS filtering mechanisms of modern web browsers...

CVE-2025-52609 HCL iControl was affected by Missing Security Headers vulnerability.

HCL iControl was affected by Missing Security Headers vulnerability. which lead to cross-site scripting XSS attacks by enabling the built-in XSS filtering mechanisms of modern web browsers...

CVE-2025-52612 HCL iControl was affected by Export CSV - CSV Injection vulnerability.

HCL iControl was affected by Export CSV - CSV Injection vulnerability. It is vulnerable to a reflected cross-site scripting vulnerability. This was caused by an insufficient sanitation of input parameters...

CVE-2025-52612 HCL iControl was affected by Export CSV - CSV Injection vulnerability.

HCL iControl was affected by Export CSV - CSV Injection vulnerability. It is vulnerable to a reflected cross-site scripting vulnerability. This was caused by an insufficient sanitation of input parameters...

CVE-2025-52612

CVE-2025-52612 affects HCL iControl. The vulnerability is described as a CSV export injection that enables reflected cross-site scripting due to insufficient input parameter sanitization. The CVSS 3.1 vector (AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H) indicates high impact across confidentiality, integ...

EUVD-2025-210058

HCL iControl was affected by Export CSV - CSV Injection vulnerability. It is vulnerable to a reflected cross-site scripting vulnerability. This was caused by an insufficient sanitation of input parameters...

CVE-2025-52612

HCL iControl was affected by Export CSV - CSV Injection vulnerability. It is vulnerable to a reflected cross-site scripting vulnerability. This was caused by an insufficient sanitation of input parameters...