EUVD-2015-9219

Malware in sbrugna...

EUVD-2025-11563

Malicious code in bioql PyPI...

CVE-2025-39425

Cross-Site Request Forgery CSRF vulnerability in pixelgrade Style Manager style-manager allows Cross Site Request Forgery.This issue affects Style Manager: from n/a through = 2.2.7...

CVE-2025-39425

Cross-Site Request Forgery CSRF vulnerability in pixelgrade Style Manager style-manager allows Cross Site Request Forgery.This issue affects Style Manager: from n/a through = 2.2.7...

CVE-2025-39425 WordPress Style Manager plugin <= 2.2.7 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability

Cross-Site Request Forgery CSRF vulnerability in pixelgrade Style Manager style-manager allows Cross Site Request Forgery.This issue affects Style Manager: from n/a through = 2.2.7...

CVE-2025-39425

CVE-2025-39425 is a CSRF vulnerability in WordPress plugin Style Manager (Pixelgrade) affecting versions up to 2.2.7. The available documents describe a Cross-Site Request Forgery that enables unauthorized actions (settings changes) on affected sites, but do not provide concrete exploit steps, af...

WordPress Style Manager plugin <= 2.2.7 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability

Cross Site Request Forgery CSRF to Settings Change vulnerability discovered by Nabil Irawan Patchstack Alliance in WordPress Plugin Style Manager versions = 2.2.7...

WordPress plugin Style Manager 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forge...

PT-2025-16992 · Pixelgrade · Style Manager

Name of the Vulnerable Software and Affected Versions: pixelgrade Style Manager versions 2.2.7 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows an attacker to perform unauthorized actions on a user's account. This is a type of attack where an...

vBulletin 5.6.3 - &#039;group&#039; Cross Site Scripting

Exploit Title: vBulletin 5.6.3 - 'group' Cross Site Scripting Date: 05.09.2020 Author: Vincent666 ibn Winnie Software Link: https://www.vbulletin.com/en/features/ Tested on: Windows 10 Web Browser: Mozilla Firefox & Opera Google Dorks: "Powered by vBulletin® Version 5.6.3" Blog:...

vBulletin Cross-Site Scripting Vulnerability (CNVD-2020-50936)

vBulletin is a suite of forum programs that can be customized to suit your needs. A cross-site scripting vulnerability exists in the Admin CP in vBulletin 5.6.3. The vulnerability can be exploited by an attacker to conduct a cross-site scripting attack via the Style Manager's Style Options Settin...

WordPress iThemes Builder Style Manager Plugin Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. iThemes Builder Style Manager is one of the style managers used in it. A cross-site scripting vulnerability exists in the WordPress...

Information disclosure

iThemes Builder Style Manager before 0.7.7 for WordPress has XSS via addqueryarg and removequeryarg...

CVE-2015-9379

The CVE-2015-9379 entry concerns WordPress plugin WordPress iThemes Builder Style Manager. Affected component: the Style Manager widget/plugin (iThemes Builder Style Manager) for WordPress, with vulnerable versions before 0.7.7. Root cause: cross-site scripting (XSS) vulnerability via the add_que...

Dcore(lightweight CMS)backend to get the SHELL method and repair method-vulnerability warning-the black bar safety net

Author: Mr. DzY Increase the style with the site table of the Association; Background: admin/login. asp if does not exist, the self-guess solution. Injection point:http://www. xxxx. net/index. asp? subsite=1 In tool to increase the table name: dcoreuser column name: useradmin userpassword If not...

vBulletin adminCP Cross-Site Scripting

No description provided by source. .::vBulletin adminCP Cross-Site Scripting ::. Exploit Title: vBulletin adminCP Cross-Site Scripting Date: 2009 Author: Ashiyane Digital Security Members Cair3x Software Link: http://www.vbulletin.com/ Version: 3.8.4 and all Version Tested on: vBulletin 3.8.4 CVE...

vBulletin adminCP Cross Site Scripting

.::vBulletin adminCP Cross-Site Scripting ::. Exploit Title: vBulletin adminCP Cross-Site Scripting Date: 2009 Author: Ashiyane Digital Security Members Cair3x Software Link: http://www.vbulletin.com/ Version: 3.8.4 and all Version Tested on: vBulletin 3.8.4 CVE : Code : -::Forum Manager = Add Ne...

Command injection

Multiple unspecified vulnerabilities in Common Desktop Environment CDE in Sun Solaris 10, when Trusted Extensions is enabled, allow local users to execute arbitrary commands or bypass the Mandatory Access Control MAC policy via unknown vectors, related to a menu typo and the Style Manager...