EUVD-2026-2434

Typesetter CMS versions up to and including 5.1 contain a reflected cross-site scripting XSS vulnerability in the administrative interface within the Tools Status move message handling. The path parameter is reflected into the HTML output without proper output encoding in...

Online Fire Reporting System 跨站脚本漏洞

Online Fire Reporting System is an online fire reporting system developed by Carlo Montero, an individual developer. A cross-site scripting vulnerability exists in Online Fire Reporting System version 1.2, which stems from insufficient validation of inputs for the parameters mark, status, and...

QSAN XEVO 操作系统命令注入漏洞

QSAN XEVO is a flash data management system from QSAN China. Reduces repetitive tasks and provides complete data analysis. A command injection vulnerability exists in QSAN XEVO that stems from the product's Array function's status parameter not properly filtering input data for special characters...

CVE-2017-17415

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUPhaseStatus Count method requests. The issue resul...