28 matches found
EUVD-2025-29087
Malicious code in bioql PyPI...
CVE-2025-10330
A flaw has been found in cdevroe unmark up to 1.9.3. This vulnerability affects unknown code of the file application/views/layouts/topbar/searchform.php. This manipulation of the argument q causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been published...
CVE-2025-10330 cdevroe unmark searchform.php cross site scripting
A flaw has been found in cdevroe unmark up to 1.9.3. This vulnerability affects unknown code of the file application/views/layouts/topbar/searchform.php. This manipulation of the argument q causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been published...
CVE-2025-10330
CVE-2025-10330 targets the Unmark (cdevroe) open-source to-do app. A cross-site scripting vulnerability arises from lack of input filtering/escaping in the parameter q of the file application/views/layouts/topbar/searchform.php, affecting Unmark versions up to 1.9.3. Remote exploitation is possib...
PT-2025-37357
Name of the Vulnerable Software and Affected Versions: cdevroe unmark versions up to 1.9.3. Description: A flaw has been found in cdevroe unmark. This issue affects unknown code within the application/views/layouts/topbar/searchform.php file. Manipulation of the q parameter can lead to cross-site...
Combodo iTop cross-site scripting vulnerability
Combodo iTop is a set of open source web applications developed by Combodo France based on ITIL and used for the daily operation of IT environments. The program provides incident management, configuration management and problem management. A cross-site scripting vulnerability exists in Combodo iT...
PT-2024-12484 · Comodo · Itop
Name of the Vulnerable Software and Affected Versions: Combodo iTop versions prior to 2.7.9; Combodo iTop versions prior to 3.0.4; Combodo iTop versions prior to 3.1.0. Description: Combodo iTop is a simple, web-based IT Service Management tool. When displaying pages, specifically the...
silverstripe/framework SQL injection in full text search
When performing a fulltext search in SilverStripe 4.0.0 the 'start' querystring parameter is never escaped safely. This exposes a possible SQL injection vulnerability. The issue exists in 3.5 and 3.6 but is less vulnerable, as SearchForm sanitises these variables prior to passing to mysql...
WordPress Phlox-Pro Theme 5.14.0 Cross Site Scripting
Exploit Title: WordPress Theme phlox-pro 5.14.0 - 'searchform' Cross-Site Scripting (XSS). Date: 3/12/2023. Exploit Author: Haktrak Team. Vendor Homepage: https://phlox.pro. Software Link: https://www.phlox.pro/go/. Version: 5.14.0. Tested on: Linuxapache/wordpress 6.3.1. Description: A Cross Site Scripti...
SUSE CVE-2009-1310
Cross-site scripting (XSS) vulnerability in the MozSearch plugin implementation in Mozilla Firefox before 3.0.9 allows user-assisted remote attackers to inject arbitrary web script or HTML via a javascript: URI in the SearchForm element...
CVE-2021-4270
A vulnerability was found in Imprint CMS. It has been classified as problematic. Affected is the function SearchForm of the file ImprintCMS/Models/ViewHelpers.cs. The manipulation of the argument query leads to cross site scripting. It is possible to launch the attack remotely. The name of the...
Cross site scripting
A vulnerability was found in Imprint CMS. It has been classified as problematic. Affected is the function SearchForm of the file ImprintCMS/Models/ViewHelpers.cs. The manipulation of the argument query leads to cross site scripting. It is possible to launch the attack remotely. The name of the...
PT-2022-11665 · Unknown · Imprint Cms
Name of the Vulnerable Software and Affected Versions: Imprint CMS, affected versions not specified. Description: A vulnerability was found in Imprint CMS, classified as problematic. The issue affects the SearchForm function of the file ImprintCMS/Models/ViewHelpers.cs. The manipulation of the quer...
Imprint CMS cross-site scripting vulnerability
Imprint CMS is a publisher-oriented, domain-specific CMS based on ASP.net MVC 4 and LinqToSQL by Peder Skou, an individual developer. A security vulnerability exists in Imprint CMS, which originates in the SearchForm function of the file ImprintCMS/Models/ViewHelpers.cs, where the operation of a...
CVE-2021-4270 Imprint CMS ViewHelpers.cs SearchForm cross site scripting
A vulnerability was found in Imprint CMS. It has been classified as problematic. Affected is the function SearchForm of the file ImprintCMS/Models/ViewHelpers.cs. The manipulation of the argument query leads to cross site scripting. It is possible to launch the attack remotely. The name of the...
stapleheadquarters.com XSS vulnerability
Open Bug Bounty ID: OBB-644381. Affected Website: stapleheadquarters.com. Vulnerable Application: Custom Code. Vulnerability Type: XSS (Cross Site Scripting) / CWE-79. CVSSv3 Score: 6.1...
SQL injection vulnerability in ZZCMS system searchform.php file
ZZCMS is an enterprise website builder. ZZCMS System v7.1 suffers from a SQL injection vulnerability. The searchform.php file in the /company/ directory fails to correctly process $_COOKIE['companyb'] data, allowing remote attackers to exploit the vulnerability by submitting a specially crafted SQL...
chillout.co.nz XSS vulnerability
Vulnerable URL: http://www.chillout.co.nz/home/SearchForm?Search=...