CVE-2025-61307

A reflected cross-site scripted XSS vulnerability in the acc-menupapers.php component of GmbH Mecury Managed Print Services docuForm v11.11c allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into an unfiltered variable value...

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the /siteVar/save.do endpoint. An attacker can inject and execute arbitrary scripts by submitting crafted input to the Remark or Variable Value parameters. Details Cross-site scripting or XSS is a code...

CVE-2025-15416 xnx3 wangmarket Add Global Variable save.do cross site scripting

A vulnerability was found in xnx3 wangmarket up to 6.4. This affects an unknown function of the file /siteVar/save.do of the component Add Global Variable Handler. The manipulation of the argument Remark/Variable Value results in cross site scripting. The attack can be executed remotely. The...

CVE-2025-15416

CVE-2025-15416 affects xnx3 wangmarket up to 6.4. The vulnerability exists in the file /siteVar/save.do within the Add Global Variable Handler. Manipulating the Remark/Variable Value parameter can trigger a cross-site scripting (XSS) flaw that can be exploited remotely; the exploit has been publi...

SAP FICA ODN framework 代码注入漏洞

SAP FICA ODN framework is a component for generating official credential numbers from SAP, Germany. A code injection vulnerability exists in the SAP FICA ODN framework that originates from an elevated privilege user being able to inject the value of a local variable, potentially leading to...

CVE-2024-56720

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Several fixes to bpfmsgpopdata Several fixes to bpfmsgpopdata, 1. In skmsgshiftleft, we should putpage 2. if len == 0, return early is better 3. pop the entire skmsg last == msg-sg.size should be supported 4. Fix...

UBUNTU-CVE-2018-20821

The parsing component in LibSass through 3.5.5 allows attackers to cause a denial-of-service uncontrolled recursion in Sass::Parser::parsecssvariablevalue in parser.cpp...

PT-2019-10260 · Sass +2 · Libsass +2

Name of the Vulnerable Software and Affected Versions: LibSass versions 3.5.5 and earlier Description: The parsing component in LibSass allows attackers to cause a denial-of-service due to uncontrolled recursion in Sass::Parser::parse css variable value in parser.cpp. Recommendations: For LibSass...

Unspecified Vulnerability in LibSass

LibSass is an open source written in C using Sass CSS extension language parser . A security vulnerability exists in the 'Sass::Parser::parsecssvariablevaluetoken' function in LibSass version 3.5-stable. An attacker could exploit this vulnerability to cause a denial of service...

DZ! sodb-2 0 0 8-1 3 EXP published-vulnerability warning-the black bar safety net

!/ usr/bin/php ? php / Discuz! 6. x/7. x SODB-2 0 0 8-1 3 Exp By www.80vul.com Notes the value of the variable, add your own modifications / $host = ‘www.80vul.com’; // Server domain or IP $path = ‘/discuz/’; // Where the program path $key = 0; // The above variable is edited, make will the value...