54 matches found
EUVD-2025-205908
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tomas WordPress Tooltips allows Stored XSS. This issue affects WordPress Tooltips: from n/a through 10.7.9...
EUVD-2025-30641
Malicious code in bioql PyPI...
CVE-2025-57980
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tomas Cordero Safety Exit safety-exit allows Stored XSS. This issue affects Safety Exit: from n/a through 1.8.0...
PT-2025-38830
Name of the Vulnerable Software and Affected Versions: Safety Exit versions through 1.8.0 Description: A flaw exists in Safety Exit that allows for Stored Cross-site Scripting (XSS). This issue is due to improper neutralization of input during web page generation. Successful exploitation could allow ...
CVE-2023-25985
Cross-Site Request Forgery (CSRF) vulnerability in Tomas | Docs | FAQ | Premium Support WordPress Tooltips. This issue affects WordPress Tooltips: from n/a through 8.2.5...
CVE-2024-35640
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tomas Cordero Safety Exit allows Stored XSS. This issue affects Safety Exit: from n/a through 1.7.0...
CVE-2024-35640 WordPress Safety Exit plugin <= 1.7.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tomas Cordero Safety Exit allows Stored XSS. This issue affects Safety Exit: from n/a through 1.7.0...
OpenSSL 3.3.0 < 3.3.1 Multiple Vulnerabilities
The version of OpenSSL installed on the remote host is prior to 3.3.1. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.3.1 advisory. - Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the function...
PT-2024-23290 · WordPress · Tomas Wordpress Tooltips
Name of the Vulnerable Software and Affected Versions: Tomas WordPress Tooltips versions prior to 9.4.5 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for potential remote attacks...
tomas-sanz.com Improper Access Control vulnerability OBB-3813916
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
tomas-carpio.cz Cross Site Scripting vulnerability OBB-3786303
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Cross site request forgery (csrf)
Cross-Site Request Forgery (CSRF) vulnerability in Tomas | Docs | FAQ | Premium Support WordPress Tooltips. This issue affects WordPress Tooltips: from n/a through 8.2.5...
CVE-2023-25985 WordPress WordPress Tooltips Plugin <= 8.2.5 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery (CSRF) vulnerability in Tomas | Docs | FAQ | Premium Support WordPress Tooltips. This issue affects WordPress Tooltips: from n/a through 8.2.5...
TP-Link Router AX50 firmware 210730 - Remote Code Execution (Authenticated) Exploit
Exploit Title: TP-Link Router AX50 firmware 210730 - Remote Code Execution (RCE) (Authenticated) Exploit Author: Tomas Melicher Technical Details: https://github.com/aaronsvk/CVE-2022-30075 Vendor Homepage: https://www.tp-link.com/ Tested On: Tp-Link Archer AX50 Vulnerability Description: Remote Code...
tomas-consulting.de Cross Site Scripting vulnerability OBB-1410014
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
Cross-site Scripting in October
Impact: Pasting content copied from malicious websites into the Froala richeditor could result in a successful self-XSS attack. Patches: Issue has been patched in Build 467 (v1.0.467). Workarounds: Apply https://github.com/octobercms/october/commit/b384954a29b89117e1c0d6035b3ede4f46df67c5 to your...
vCloud Director 9.7.0.15498291 - Remote Code Execution Exploit
#!/usr/bin/python Exploit Title: vCloud Director - Remote Code Execution Exploit Author: Tomas Melicher Technical Details: https://citadelo.com/en/blog/full-infrastructure-takeover-of-vmware-cloud-director-CVE-2020-3956/ Date: 2020-05-24 Vendor Homepage: https://www.vmware.com/ Software Link:...
CentOS 7 : authconfig (CESA-2017:2285)
An update for authconfig is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from...