CVE-2025-23951

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DIVENGINE Gallery: Hybrid – Advanced Visual Gallery hybrid-gallery allows Stored XSS.This issue affects Gallery: Hybrid – Advanced Visual Gallery: from n/a through = 1.4.0.2...

EUVD-2024-22106

Malicious code in bioql PyPI...

EUVD-2025-3564

Malicious code in bioql PyPI...

CVE-2025-23951 WordPress Gallery: Hybrid – Advanced Visual Gallery plugin <= 1.4.0.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DIVENGINE Gallery: Hybrid – Advanced Visual Gallery hybrid-gallery allows Stored XSS.This issue affects Gallery: Hybrid – Advanced Visual Gallery: from n/a through = 1.4.0.2...

WordPress Gallery: Hybrid – Advanced Visual Gallery plugin <= 1.4.0.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO in WordPress Plugin Gallery: Hybrid – Advanced Visual Gallery versions = 1.4.0.2...

WordPress plugin Gallery: Hybrid – Advanced Visual Gallery 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPre...

PT-2025-5228 · Unknown · Divengine Gallery

Name of the Vulnerable Software and Affected Versions: DivEngine Gallery: Hybrid – Advanced Visual Gallery versions 1.4.0.2 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows stored Cross-site Scripting XSS. This means an...

PT-2024-20503 · Cwicly · Cwicly

Name of the Vulnerable Software and Affected Versions: Cwicly versions 1.4.0.2 and earlier Description: The issue is related to improper control of code generation, allowing code injection. This means that an attacker could potentially inject malicious code into the system. Recommendations: For...

CVE-2024-0700

The Simple Tweet plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Tweet this text value in all versions up to, and including, 1.4.0.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author-level access a...

WordPress Simple Tweet Plugin <= 1.4.0.2 is vulnerable to Cross Site Scripting (XSS)

Software Simple Tweet Type Plugin Vulnerable versions = 1.4.0.2 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-0700 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID ab2aad4c0181 Credits Benachi Required privilege...

CVE-2023-45767

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Wokamoto Simple Tweet plugin = 1.4.0.2 versions...

CVE-2023-45767

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Wokamoto Simple Tweet plugin = 1.4.0.2 versions...

Socat 1.4.0.2 - Not SETUID Local Format String

Socat 1.4.0.2 - Not SETUID Local Format String / socatexp.c Socat Format String Vulnerability socat No System Group - http://www.nosystem.com.ar coki@servidor:$ make socatexp coki@servidor:$ ./socatexp socat shellcode address = 0xbfffffb9 .dtors address = 0x080740c4 2004/10/19 09:49:46 socat26197...