67 matches found
Classroombookings Security Vulnerability
Classroombookings is a school room reservation system developed by Craig A Rodway, based on PHP and MySQL. Classroombookings versions 2.17.0 and earlier contain security vulnerabilities. These vulnerabilities stem from the function read in the User Display Name Handler component’s...
GO-2026-4456 Mattermost Confluence plugin doesn't properly escape user-controlled display names in HTML template rendering in github.com/mattermost/mattermost-plugin-confluence
Mattermost Confluence plugin doesn't properly escape user-controlled display names in HTML template rendering in github.com/mattermost/mattermost-plugin-confluence...
CVE-1999-0592
The Logon box of a Windows NT system displays the name of the last user who logged in...
CVE-1999-0251
Denial of service in talk program allows remote attackers to disrupt a user's display...
CVE-2025-13746
The ForumWP – Forum & Discussion Board plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the User's Display Name in all versions up to, and including, 2.1.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2025-12361 myCred – Points Management System For Gamification, Ranks, Badges, and Loyalty Program <= 2.9.7.1 - Missing Authorization to Sensitive Information Exposure
The myCred – Points Management System For Gamification, Ranks, Badges, and Loyalty Program plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 2.9.7.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This...
EUVD-1999-0251
Malware in sbrugna...
EUVD-2021-24028
Malware in sbrugna...
EUVD-1999-0575
Malware in sbrugna...
EUVD-2006-2308
Malware in sbrugna...
EUVD-2014-0017
Malware in sbrugna...
EUVD-2024-27449
Malicious code in bioql PyPI...
EUVD-2022-24454
Malicious code in bioql PyPI...
EUVD-2022-2338
Malicious code in bioql PyPI...
EUVD-2024-27301
Malicious code in bioql PyPI...
EUVD-2022-41818
Malicious code in bioql PyPI...
CVE-2024-1759
The WP ULike – Most Advanced WordPress Marketing Toolkit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a user's display name in all versions up to, and including, 4.6.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
CVE-2022-1111
A business logic error in Project Import in GitLab CE/EE versions 14.9 prior to 14.9.2, 14.8 prior to 14.8.5, and 14.0 prior to 14.7.7 under certain conditions caused imported projects to show an incorrect user in the 'Access Granted' column in the project membership pages...
CVE-2021-21619
Jenkins Claim Plugin 2.18.1 and earlier does not escape the user display name, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers who are able to control the display names of Jenkins users, either via the security realm, or directly inside Jenkins...
CVE-2021-37463
In NCH Quorum v2.03 and earlier, XSS exists via User Display Name stored...