11 matches found
EUVD-2023-3246
Malicious code in bioql PyPI...
EUVD-2024-3104
Malicious code in bioql PyPI...
CVE-2025-4590
The Daisycon prijsvergelijkers plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'daisyconuitvaart' shortcode in all versions up to, and including, 4.9.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...
CVE-2025-2072
FAST LTA Silent Brick WebUI is affected by a Reflected Cross-Site Scripting (XSS) vulnerability. The issue occurs when user-supplied input is reflected in output without proper sanitization or encoding, enabling arbitrary JavaScript execution in the victim’s browser. Affected WebUI parameters inc...
CVE-2024-13612
The Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'bettermessageslivechatbutton' shortcode in all versions up to, and including, 2.6.9 due to insufficient input...
CVE-2024-13700 Embed Swagger UI <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Embed Swagger UI plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpsgui' shortcode in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2024-57886 mm/damon/core: fix new damon_target objects leaks on damon_commit_targets()
In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: fix new damon_target objects leaks on damon_commit_targets() Patch series "mm/damon/core: fix memory leaks and ignored inputs from damon_commit_ctx()". Due to two bugs in damon_commit_targets() and damon_commit_schemes(), which are...
CVE-2024-57886
Technical details for CVE-2024-57886 are not provided in the supplied documents. No affected product/versions or remediation specifics are present here; monitor for updates from official advisories and connected sources.
helpcenterBad.txt
GulfTech Security Research May 17th, 2005 Vendor : Michael Bird URL : http://www.helpcenterlive.com/ Version : Help Center Live All Versions Risk : Multiple Vulnerabilities Description: Help Center Live is a Live help desk system written in PHP using a MySql database backend that features Live...
Dragonfly Commerce 1.0 - Multiple SQL Injections
Dragonfly Commerce 1.0 - Multiple SQL Injections source: https://www.securityfocus.com/bid/14220/info Dragonfly Commerce is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries...
kayako.txt
GulfTech Security Research December 18th, 2004 Vendor : Kayako Web Solutions URL : http://www.kayako.com/ Version : Kayako eSupport v2.x Risk : Multiple Vulnerabilities Description: Kayako eSupport is one of the most feature packed support systems; in this tour you will find why over a thousand...