17 matches found
CVE-2026-36761
A stored cross-site scripting (XSS) vulnerability in the /msg/msgInner/save endpoint of JeeSite v5.15.1 allows attackers to execute arbitrary web scripts or HTML by injecting crafted input into the msgContent parameter...
EUVD-2022-48959
Malicious code in bioql PyPI...
CVE-2024-53496
Incorrect access control in the doFilter function of my-site v1.0.2.RELEASE allows attackers to access sensitive components without authentication...
CVE-2024-53496
Incorrect access control in the doFilter function of my-site v1.0.2.RELEASE allows attackers to access sensitive components without authentication...
CVE-2024-57152
Incorrect access control in the preHandle function of my-site v1.0.2 allows attackers to access sensitive components without authentication via the cn.luischen.interceptor.BaseInterceptor class...
CVE-2024-57152
Incorrect access control in the preHandle function of my-site v1.0.2 allows attackers to access sensitive components without authentication via the cn.luischen.interceptor.BaseInterceptor class...
CVE-2024-53495
Incorrect access control in the preHandle function of my-site v1.0.2.RELEASE allows attackers to access sensitive components without authentication...
PT-2025-34138 · My-Site · My-Site
Name of the Vulnerable Software and Affected Versions: my-site version 1.0.2.RELEASE Description: Incorrect access control in the preHandle function allows attackers to access sensitive components without authentication. Recommendations: Apply updates to address the access control issue in the...
CVE-2022-46947
Helmet Store Showroom Site v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=deletecategory...
CVE-2022-46120
Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/?page=products/viewproduct=...
CVE-2023-28019
Insufficient validation in Bigfix WebUI API App site version 14 allows an authenticated WebUI user to issue SQL queries via an unparameterized SQL query...
CVE-2022-46121
Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/?page=products/manageproduct&id=...
MAL-2022-6135 Malicious code in siteversion (npm)
Source: ghsa-malware 3dc0facc16d859786a3c77a7ab595feb9b55ac5d7f47425a27d82a22409f3530 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Different versions of your site can be running at the same time
It's pretty easy for a user to be running an old version of your site. Not only that, but a user could be running many different versions of your site at the same time, in different tabs, and that's kinda terrifying. For instance: 1. A user opens your site. 2. You deploy an update. 3. The user...
Onion CMS (XSS/RFI/URL Redirecting) Multiple Vulnerability
Exploit for php platform in category web applications. Onion CMS XSS/RFI/URL Redirecting Multiple Vulnerability...
forumjbc4.txt
ForumJBC v4 alert'hacking%20xss' ; Greetz : M.I.D.TDrackanZ, Mr.IlysS, NeThug47 & All Moroccan & Arab Hackers ; Yallah Tla7 Safi...
Web3news <= v0.95 (PHPSECURITYADMIN_PATH) Remote File Inclusion Exploit
Web3news <= v0.95 (PHPSECURITYADMIN_PATH) Remote File Inclusion Exploit. Critical Level : Dangerous Vendor sit...