CVE-2025-68858

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Casey Bisson wpCAS wpcas allows Reflected XSS.This issue affects wpCAS: from n/a through = 1.07...

CVE-2025-68858 WordPress wpCAS plugin <= 1.07 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Casey Bisson wpCAS wpcas allows Reflected XSS.This issue affects wpCAS: from n/a through = 1.07...

CVE-2025-68858

CVE-2025-68858: Reflected Cross-Site Scripting in WordPress plugin wpCAS (

CVE-2025-68858 WordPress wpCAS plugin <= 1.07 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Casey Bisson wpCAS wpcas allows Reflected XSS.This issue affects wpCAS: from n/a through = 1.07...

CVE-2025-57310

A Cross-Site Request Forgery CSRF vulnerability in Salmen2/Simple-Faucet-Script v1.07 via crafted POST request to admin.php?p=ads&c=1 allowing attackers to execute arbitrary code...

PT-2025-46695

Name of the Vulnerable Software and Affected Versions Salmen2/Simple-Faucet-Script version 1.07 Description A Cross-Site Request Forgery CSRF issue exists in the software. A crafted POST request to the ''admin.php?p=ads&c=1'' endpoint can allow attackers to execute arbitrary code. Recommendations...

CVE-2025-62777

Use of Hard-Coded Credentials issue exists in MZK-DP300N version 1.07 and earlier, which may allow an attacker within the local network to log in to the affected device via Telnet and execute arbitrary commands...

EUVD-2025-36436

Use of Hard-Coded Credentials issue exists in MZK-DP300N version 1.07 and earlier, which may allow an attacker within the local network to log in to the affected device via Telnet and execute arbitrary commands...

CVE-2025-62777

Use of Hard-Coded Credentials issue exists in MZK-DP300N version 1.07 and earlier, which may allow an attacker within the local network to log in to the affected device via Telnet and execute arbitrary commands...

PT-2025-44085

Name of the Vulnerable Software and Affected Versions MZK-DP300N versions 1.07 and earlier Description A security issue exists due to the use of hard-coded credentials. This may allow an attacker within the local network to log in to the affected device via Telnet and execute arbitrary commands...

EUVD-2019-18903

Malware in sbrugna...

EUVD-2016-7472

Malware in sbrugna...

CVE-2025-57263

An authenticated SQL injection vulnerability in VX Guestbook 1.07 allows attackers with admin access to inject malicious SQL payloads via the "word" POST parameter in the words.php admin panel...

VX Guestbook 安全漏洞

VX Guestbook is a guestbook program by the individual developer of VX Guestbook. A security vulnerability exists in VX Guestbook version 1.07, which originates from an SQL injection in the word parameter in the words.php admin panel, which could lead to malicious SQL payload injection...

CVE-2025-57263

The CVE-2025-57263 entry concerns VX Guestbook 1.07 with an authenticated SQL injection via the word POST parameter in the words.php admin panel. Attackers with admin privileges can inject malicious SQL payloads, indicating impact to data confidentiality, integrity, and availability as described ...

CVE-2025-57263

An authenticated SQL injection vulnerability in VX Guestbook 1.07 allows attackers with admin access to inject malicious SQL payloads via the "word" POST parameter in the words.php admin panel...

PT-2025-35939

Name of the Vulnerable Software and Affected Versions: VX Guestbook version 1.07 Description: An authenticated SQL injection vulnerability exists in VX Guestbook version 1.07. Attackers with admin access can inject malicious SQL payloads via the word POST parameter in the words.php admin panel...

AES Multimedia Gestnet 注入漏洞

AES Multimedia Gestnet is a contracted software from AES Multimedia. An injection vulnerability exists in AES Multimedia Gestnet version v1.07, which stems from an incorrect operation of the parameter fkremotocentral in the file /webservices/articles.php resulting in SQL injection...

CVE-2025-46536

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RichardHarrison Carousel-of-post-images carousel-of-post-images allows DOM-Based XSS.This issue affects Carousel-of-post-images: from n/a through = 1.07...

CVE-2025-46536

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RichardHarrison Carousel-of-post-images carousel-of-post-images allows DOM-Based XSS.This issue affects Carousel-of-post-images: from n/a through = 1.07...