CVE-2025-69237 Stored XSS in Raytha CMS

Raytha CMS is vulnerable to Stored XSS via FieldValues0.Value parameter in page creation functionality. Authenticated attacker with permissions to create content can inject arbitrary HTML and JS into website, which will be rendered/executed when visiting edited page. This issue was fixed in versi...

PT-2026-25690

Raytha CMS is vulnerable to Stored XSS via FieldValues0.Value parameter in page creation functionality. Authenticated attacker with permissions to create content can inject arbitrary HTML and JS into website, which will be rendered/executed when visiting edited page. This issue was fixed in versi...

EUVD-2023-30947

Malicious code in bioql PyPI...

CVE-2023-27167

Suprema BioStar 2 v2.8.16 was discovered to contain a SQL injection vulnerability via the values parameter at /users/absence?searchmonth=1...

CVE-2023-27167

Suprema BioStar 2 v2.8.16 was discovered to contain a SQL injection vulnerability via the values parameter at /users/absence?searchmonth=1...

CVE-2023-27167

Suprema BioStar 2 v2.8.16 was discovered to contain a SQL injection vulnerability via the values parameter at /users/absence?searchmonth=1...

CVE-2023-27167

Suprema BioStar 2 v2.8.16 was discovered to contain a SQL injection vulnerability via the values parameter at /users/absence?searchmonth=1...

PT-2023-20984 · Suprema · Suprema Biostar 2

Name of the Vulnerable Software and Affected Versions: Suprema BioStar 2 version 2.8.16 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the values parameter at the "/users/absence?search month=1" API endpoint. Recommendations: For Suprem...

CVE-2023-25672 TensorFlow has Null Pointer Error in LookupTableImportV2

TensorFlow is an open source platform for machine learning. The function tf.rawops.LookupTableImportV2 cannot handle scalars in the values parameter and gives an NPE. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...

CVE-2021-29393

Remote Code Execution in cominput.jsp and comoutput.jsp in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote unauthenticated users to inject and execute arbitrary system commands via the unsanitized user-controlled "command" and "commandvalues" parameters...

Cross site scripting

An issue was discovered in Eventum 3.5.0. /htdocs/validate.php has XSS via the values parameter...

CVE-2010-2624

Multiple SQL injection vulnerabilities in iScripts EasySnaps 2.0 allow remote attackers to execute arbitrary SQL commands via the 1 comment parameter to addcomments.php, 2 values parameter to tagsdetails.php, or 3 begin parameter to greetings.php...