3 matches found
EUVD-2025-30778
Malicious code in bioql PyPI...
Cross site scripting
A reflected cross-site scripting XSS vulnerability was found in Limesurvey before 3.17.14 that allows remote attackers to inject arbitrary web script or HTML via extensions of uploaded files...
PHP Support Tickets 1.9 Cross Site Scripting
Google dork: "PHP Support Tickets v1.9" inurl:index.php?action= "PHP Support Tickets v1.9" by "Triangle Solutions Ltd" allows XSS attack at index.php and some implementations also has a bad uploaded files validation allowing to upload a js with a jpg extension that could be using for bypassing XS...