8 matches found
EUVD-2025-24625
Malicious code in bioql PyPI...
CVE-2025-45316
A cross-site scripting XSS vulnerability in the TextBlockModule.php component of hortusfox-web v4.4 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name parameter...
CVE-2025-45316
A cross-site scripting XSS vulnerability in the TextBlockModule.php component of hortusfox-web v4.4 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name parameter...
CVE-2025-45316
A cross-site scripting XSS vulnerability in the TextBlockModule.php component of hortusfox-web v4.4 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name parameter...
CVE-2025-45316
A cross-site scripting XSS vulnerability in the TextBlockModule.php component of hortusfox-web v4.4 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name parameter...
CVE-2025-45316
A cross-site scripting XSS vulnerability in the TextBlockModule.php component of hortusfox-web v4.4 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name parameter...
CVE-2025-45316
CVE-2025-45316 : A cross-site scripting (XSS) vulnerability in the hortusfox-web v4.4 TextBlockModule.php is due to insufficient validation/encoding of the name parameter, allowing attackers to inject arbitrary scripts/HTML. Impact is browser-execution of crafted payloads where user input is refl...
PT-2025-33062 · Unknown · Hortusfox-Web
Name of the Vulnerable Software and Affected Versions: hortusfox-web version 4.4 Description: A cross-site scripting XSS vulnerability exists in the TextBlockModule.php component, allowing attackers to execute arbitrary web scripts or HTML. The issue is triggered by injecting a crafted payload in...