EUVD-2021-28916
Malicious code in bioql PyPI...
WordPress FancyBox plugin cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress plugin is an application plugin. WordPress FancyBox plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data, whi...
CVE-2024-25151
The Calendar module in Liferay Portal 7.2.0 through 7.4.2, and older unsupported versions, and Liferay DXP 7.3 before service pack 3, 7.2 before fix pack 15, and older unsupported versions does not escape user supplied data in the default notification email template, which allows remote...
PT-2025-13800 · Beego · Beego
Name of the Vulnerable Software and Affected Versions: Beego versions prior to 2.3.6. Description: Beego is an open-source web framework for the Go programming language. A Cross-Site Scripting (XSS) vulnerability exists in the RenderForm function due to improper HTML escaping of user-controlled data...
Security Bulletin: A vulnerability has been identified in IBM Storage Scale System which could allow unauthorized access to user data or injection of arbitrary data in the communication protocol (CVE-2020-4927)
Summary: A security vulnerability has been identified in all levels of IBM Storage Scale System which could allow unauthorized access to user data or injection of arbitrary data in the communication protocol. This vulnerability only affects Storage Scale clusters that host file systems. Clusters...
Complaint Management System Cross-Site Scripting Vulnerability
Complaint Management System is a complaint management system. A cross-site scripting vulnerability exists in Complaint Management System v1.0, which originates in the parameter value of file admin/assets/plugins/DataTables/examples/examplessupport/editableajax.php. Lack of effective filtering and...
OpenCA Security Advisory: Cross Site Scripting vulnerability
Authors: Martin Bartosch, Michael Bell. 2004-09-01 Initial revision; 2004-09-06 Public release. Summary: The OpenCA Project is a collaborative effort to develop a robust, full-feature...
Weblogic 3.1.8/4.0.4/4.5.1 - Remote Command Execution
source: https://www.securityfocus.com/bid/1525/info In February of 2000 CERT Coordination Center released an advisory titled "Malicious HTML Tags Embedded in Client Web Requests" (advisory attached in the 'Credit' section). This advisory was a joint release by the CERT Coordination Center, DoD-CERT, t...