SQL Injection

Overview n8n-nodes-base is a Base nodes of n8n Affected versions of this package are vulnerable to SQL Injection via the row:search and row:get operations in the SeaTable node when user-controlled input is passed through expressions into the searchTerm or rowId parameters. An attacker can access...

EUVD-2005-0369

Malware in sbrugna...

EUVD-2006-0124

Malware in sbrugna...

EUVD-2006-2344

Malware in sbrugna...

CVE-2025-29526

A Cross-Site Scripting XSS vulnerability in the search function of Q4 Inc Investor Relations Platform v5.147.1.2 allows attackers to execute arbitrary Javascript via injecting a crafted payload into the SearchTerm parameter...

PT-2025-17651 · Q4 · Q4 Inc Investor Relations Platform

Name of the Vulnerable Software and Affected Versions: Q4 Inc Investor Relations Platform version 5.147.1.2 Description: A Cross-Site Scripting XSS issue in the search function allows attackers to execute arbitrary Javascript by injecting a crafted payload into the SearchTerm parameter. This...

abof.com XSS vulnerability

Vulnerable URL: http://www.abof.com/searchterm/noman...

Sefrengo Cross-Site Scripting Vulnerability

Sefrengo is an open source web content management system CMS based on PHP and MySql. Versions of Sefrengo prior to 1.6.1 suffer from a cross-site scripting vulnerability that allows remote attackers to inject arbitrary web script or HTML via the searchterm parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in the administrative backend in Sefrengo before 1.6.1 allows remote attackers to inject arbitrary web script or HTML via the searchterm parameter to backend/main.php...

CVE-2015-0918

Cross-site scripting XSS vulnerability in the administrative backend in Sefrengo before 1.6.1 allows remote attackers to inject arbitrary web script or HTML via the searchterm parameter to backend/main.php...

CVE-2015-0918

The CVE-2015-0918 entry concerns Sefrengo, a PHP/MySQL-based open source CMS. The vulnerability is an XSS in the administrative backend present in Sefrengo before version 1.6.1, exploitable via the searchterm parameter to backend/main.php. The affected component is the admin backend; the root cau...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Leap CMS 0.1.4 allow remote attackers to inject arbitrary web script or HTML via 1 the msg parameter aka the message in an article comment or 2 the searchterm parameter aka the search post form. NOTE: some of these details are obtained from thi...

Cross site scripting

Cross-site scripting XSS vulnerability in Search.do in ManageEngine OpManager 6.0 allows remote attackers to inject arbitrary web script or HTML via the searchTerm parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information...

CVE-2006-2343

The provided documents identify CVE-2006-2343 as a cross-site scripting (XSS) vulnerability in ManageEngine OpManager 6.0, affecting the Search.do path via the searchTerm parameter. The root cause is improper handling of user-supplied input leading to injected web script/HTML. Impact is remote co...

CVE-2006-0116

Cross-site scripting vulnerability search.inetstore in iNETstore Ebusiness Software 2.0 allows remote attackers to inject arbitrary web script or HTML via the searchterm parameter...

Serendipity XSS Flaw

The remote version of Serendipity is vulnerable to cross-site scripting attacks due to a lack of sanity checks on the 'searchTerm' parameter in the 'compat.php' script. With a specially crafted URL, an attacker can cause arbitrary code execution in a user's browser resulting in a loss of integrit...

Serendipity compat.php searchTerm Parameter XSS

The remote version of Serendipity is vulnerable to cross-site scripting attacks due to a lack of sanity checks on the 'searchTerm' parameter in the 'compat.php' script. With a specially crafted URL, an attacker can cause arbitrary code execution in a user's browser resulting in a loss of integrit...