Zendesk SweetHawk Survey 跨站脚本漏洞

Zendesk SweetHawk Survey is a satisfaction survey plugin developed by Zendesk, a Japanese company. Version 1.6 of Zendesk SweetHawk Survey contains a cross-site scripting vulnerability. This vulnerability stems from a storage-based cross-site scripting issue in the ticket submission feature, whic...

PT-2026-5966

Name of the Vulnerable Software and Affected Versions ExpressTech Systems Quiz And Survey Master versions through 10.3.1 Description A flaw exists in ExpressTech Systems Quiz And Survey Master that allows for SQL Injection. The issue impacts approximately 40,000 WordPress sites globally. A...

PT-2026-5799

Zendesk SweetHawk Survey 1.6 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts through support ticket submissions. Attackers can insert XSS payloads like script tags into ticket text that automatically execute when survey pages are loaded b...

WordPress SurveyJS plugin <= 1.12.20 - Cross-Site Request Forgery to Survey Creation vulnerability

Cross-Site Request Forgery to Survey Creation vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin SurveyJS versions = 1.12.20...

WordPress SurveyJS plugin <= 1.12.20 - Cross-Site Request Forgery to Survey Renaming vulnerability

Cross-Site Request Forgery to Survey Renaming vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin SurveyJS versions = 1.12.20...

WordPress SurveyJS plugin <= 1.12.20 - Cross-Site Request Forgery to Survey Cloning vulnerability

Cross-Site Request Forgery to Survey Cloning vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin SurveyJS versions = 1.12.20...

DuoLungo: Usability Study of Duo 2FA

Multi-Factor Authentication MFA enhances login security by requiring multiple authentication factors. Its adoption has increased in response to more frequent and sophisticated attacks. Duo is widely used by organizations including Fortune 500 companies and major educational institutions, yet its...

WordPress Quiz And Survey Master plugin < 9.0.2 - Contributor+ SQLi vulnerability

Contributor+ SQLi vulnerability discovered by Project Black in WordPress Plugin Quiz And Survey Master versions 9.0.2...

CVE-2020-36993

LimeSurvey 4.3.10 contains a stored cross-site scripting vulnerability in the Survey Menu functionality of the administration panel. Attackers can inject malicious SVG scripts through the Surveymenutitle and Surveymenuparentid parameters to execute arbitrary JavaScript in administrative contexts...

CVE-2020-36993

LimeSurvey 4.3.10 contains a stored cross-site scripting vulnerability in the Survey Menu functionality of the administration panel. Attackers can inject malicious SVG scripts through the Surveymenutitle and Surveymenuparentid parameters to execute arbitrary JavaScript in administrative contexts...

WordPress Quiz And Survey Master plugin <= 10.3.1 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Doan Dinh Van in WordPress Plugin Quiz And Survey Master versions = 10.3.1...

EUVD-2020-30901

LimeSurvey 4.3.10 contains a stored cross-site scripting vulnerability in the Survey Menu functionality of the administration panel. Attackers can inject malicious SVG scripts through the Surveymenutitle and Surveymenuparentid parameters to execute arbitrary JavaScript in administrative contexts...

CVE-2020-36993

LimeSurvey 4.3.10 contains a stored cross-site scripting vulnerability in the Survey Menu functionality of the administration panel. Attackers can inject malicious SVG scripts through the Surveymenutitle and Surveymenuparentid parameters to execute arbitrary JavaScript in administrative contexts...

CVE-2020-36993 LimeSurvey <= 4.3.10 - 'Survey Menu' Persistent Cross-Site Scripting

LimeSurvey 4.3.10 contains a stored cross-site scripting vulnerability in the Survey Menu functionality of the administration panel. Attackers can inject malicious SVG scripts through the Surveymenutitle and Surveymenuparentid parameters to execute arbitrary JavaScript in administrative contexts...

CVE-2020-36993 LimeSurvey <= 4.3.10 - 'Survey Menu' Persistent Cross-Site Scripting

LimeSurvey 4.3.10 contains a stored cross-site scripting vulnerability in the Survey Menu functionality of the administration panel. Attackers can inject malicious SVG scripts through the Surveymenutitle and Surveymenuparentid parameters to execute arbitrary JavaScript in administrative contexts...

CVE-2020-36993

CVE-2020-36993 affects LimeSurvey 4.3.10, with a stored cross-site scripting vulnerability in the Survey Menu of the admin panel. The issue allows attackers to inject SVG scripts via Surveymenu[title] and Surveymenu[parent_id], enabling execution of arbitrary JavaScript in administrative contexts...

LimeSurvey (PHPSurveyor) Cross-site Scripting Vulnerabilities

LimeSurvey PHPSurveyor is a set of open-source online survey programs developed by the LimeSurvey team. It supports functions such as survey program development, survey questionnaire publishing, and data collection. Version 4.3.10 of LimeSurvey PHPSurveyor has a cross-site scripting vulnerability...

PT-2026-5119

LimeSurvey 4.3.10 contains a stored cross-site scripting vulnerability in the Survey Menu functionality of the administration panel. Attackers can inject malicious SVG scripts through the Surveymenutitle and Surveymenuparent id parameters to execute arbitrary JavaScript in administrative contexts...

AI-Driven Intrusion Detection for UAV in Smart Urban Ecosystems: A Comprehensive Survey

UAVs have the potential to revolutionize urban management and provide valuable services to citizens. They can be deployed across diverse applications, including traffic monitoring, disaster response, environmental monitoring, and numerous other domains. However, this integration introduces novel...

CVE-2025-13194

The SurveyJS: Drag & Drop WordPress Form Builder to create, style and embed multiple forms of any complexity plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.5.2. This is due to missing nonce verification on the 'SurveyJSRenameSurvey' AJAX...