Cross-site Scripting

form-to-database is vulnerable to Cross-Site Scripting. The vulnerability is due to improper handling of form values, where non-string inputs were not sanitized or safely normalized, and attackers can exploit this by injecting malicious JavaScript that executes when the data is rendered...

EUVD-2022-5024

Malicious code in bioql PyPI...

EUVD-2025-29543

Malicious code in bioql PyPI...

CVE-2025-10316

The extension "Form to Database" is susceptible to Cross-Site Scripting. This issue affects the following versions: before 2.2.5, from 3.0.0 before 3.2.2, from 4.0.0 before 4.2.3, from 5.0.0 before 5.0.2...

TYPO3 "Form to Database" extension susceptible to Cross-site Scripting

The extension "Form to Database" is susceptible to Cross-Site Scripting. This issue affects the following versions: before 2.2.5, from 3.0.0 before 3.2.2, from 4.0.0 before 4.2.3, from 5.0.0 before 5.0.2...

GHSA-54PG-2X9H-CMX8 TYPO3 "Form to Database" extension susceptible to Cross-site Scripting

The extension "Form to Database" is susceptible to Cross-Site Scripting. This issue affects the following versions: before 2.2.5, from 3.0.0 before 3.2.2, from 4.0.0 before 4.2.3, from 5.0.0 before 5.0.2...

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the formtodatabase exten. An attacker can execute arbitrary scripts in the context of the user's browser by injecting malicious input. Details Cross-site scripting or XSS is a code vulnerability that occurs...

CVE-2025-10316

The extension "Form to Database" is susceptible to Cross-Site Scripting. This issue affects the following versions: before 2.2.5, from 3.0.0 before 3.2.2, from 4.0.0 before 4.2.3, from 5.0.0 before 5.0.2...

CVE-2025-10316

CVE-2025-10316 affects the TYPO3 extension Form to Database (form_to_database). The issue is Cross-Site Scripting due to insufficient handling of form values, allowing injection of malicious scripts when data is rendered. Affected versions are: before 2.2.5; 3.0.0–3.2.1; 4.0.0–4.2.2; 5.0.0–5.0.1....

CVE-2025-10316 Cross-Site Scripting in extension "Form to Database" (form_to_database)

The extension "Form to Database" is susceptible to Cross-Site Scripting. This issue affects the following versions: before 2.2.5, from 3.0.0 before 3.2.2, from 4.0.0 before 4.2.3, from 5.0.0 before 5.0.2...

CVE-2025-10316 Cross-Site Scripting in extension "Form to Database" (form_to_database)

The extension "Form to Database" is susceptible to Cross-Site Scripting. This issue affects the following versions: before 2.2.5, from 3.0.0 before 3.2.2, from 4.0.0 before 4.2.3, from 5.0.0 before 5.0.2...

PT-2025-37914

Name of the Vulnerable Software and Affected Versions: Form to Database versions prior to 2.2.5 Form to Database versions 3.0.0 through 3.2.2 Form to Database versions 4.0.0 through 4.2.3 Form to Database versions 5.0.0 through 5.0.2 Description: The extension "Form to Database" is susceptible to...

TYPO3 Form to Database 安全漏洞

TYPO3 Form to Database is an open source database extension for TYPO3. A security vulnerability exists in TYPO3 Form to Database, which is vulnerable to cross-site scripting attacks. The following versions are affected: versions prior to 2.2.5, versions 3.0.0 through 3.2.2, versions 4.0.0 through...

CVE-2019-7488

Weak default password cause vulnerability in SonicWall Email Security appliance which leads to attacker gain access to appliance database. This vulnerability affected Email Security Appliance version 10.0.2 and earlier...

PT-2023-31266 · Sap · Sap Gui For Windows +1

Name of the Vulnerable Software and Affected Versions: SAP GUI for Windows affected versions not specified SAP GUI for Java affected versions not specified Description: The issue allows an unauthenticated attacker to access restricted and confidential information. Additionally, it enables the...

CVE-2023-44164

The 'Email' parameter of the processlogin.php resource does not validate the characters received and they are sent unfiltered to the database...

CVE-2022-47163

Cross-Site Request Forgery CSRF vulnerability in Tips and Tricks HQ, josh401 WP CSV to Database – Insert CSV file content into WordPress plugin = 2.6 versions...

CVE-2022-47163

Cross-Site Request Forgery CSRF vulnerability in Tips and Tricks HQ, josh401 WP CSV to Database – Insert CSV file content into WordPress plugin = 2.6 versions...

CVE-2022-47163

CVE-2022-47163 is a CSRF vulnerability in the WordPress plugin WP CSV to Database by josh401, affecting versions

WordPress Plugin WP CSV to Database 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...