CVE-2026-24358

Missing Authorization vulnerability in ExpressTech Systems Quiz And Survey Master quiz-master-next allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quiz And Survey Master: from n/a through = 10.3.3...

CVE-2026-24358 WordPress Quiz And Survey Master plugin <= 10.3.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in ExpressTech Systems Quiz And Survey Master quiz-master-next allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quiz And Survey Master: from n/a through = 10.3.3...

CVE-2026-24358 WordPress Quiz And Survey Master plugin <= 10.3.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in ExpressTech Systems Quiz And Survey Master quiz-master-next allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quiz And Survey Master: from n/a through = 10.3.3...

WordPress plugin Quiz And Survey Master has a security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There ar...

EUVD-2022-1346

Malicious code in bioql PyPI...

EUVD-2023-1606

Malicious code in bioql PyPI...

EUVD-2022-1510

Malicious code in bioql PyPI...

CVE-2023-2730

Cross-site Scripting XSS - Stored in GitHub repository pimcore/pimcore prior to 10.3.3...

Email verification is not required after email change

Grafana is an open-source platform for monitoring and observability. A user changing their email after signing up and verifying it can change it without verification in profile settings. The configuration option “verifyemailenabled” will only validate email only on sign up. This issue has been...

CVE-2023-2730 Cross-site Scripting (XSS) - Stored in pimcore/pimcore

Cross-site Scripting XSS - Stored in GitHub repository pimcore/pimcore prior to 10.3.3...

GitLab 9.4.x - 9.5.10, 10.x - 10.1.5, 10.2.x - 10.2.5, 10.3.x - 10.3.3 SQLi Vulnerability

GitLab is prone to a SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:gitlab:gitlab"; if...

GHSA-6QCC-WHGP-PJJ2 Cross-site Scripting in Pimcore

Pimcore version 10.3.2 and prior is vulnerable to stored cross-site scripting. A patch is available and anticipated to be part of version 10.3.3...

CVE-2022-0831

Cross-site Scripting XSS - Stored in GitHub repository pimcore/pimcore prior to 10.3.3...

CVE-2022-0831 Cross-site Scripting (XSS) - Stored in pimcore/pimcore

Cross-site Scripting XSS - Stored in GitHub repository pimcore/pimcore prior to 10.3.3...

Pimcore 跨站脚本漏洞

Pimcore is an open source Web content management platform for creating and managing Web applications from the Austrian company Pimcore. The platform integrates Web content management, e-commerce framework and product information management applications. cross-site scripting vulnerabilities exist ...

CVE-2019-17337 TIBCO Spotfire Server Library Vulnerable to Reflected Cross-Site Scripting

The Spotfire library component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace and TIBCO Spotfire Server contains a vulnerability that theoretically allows an attacker to perform a reflected cross-site scripting XSS attack. Affected releases are TIBCO Software Inc.'...

Oracle WebCenter Interaction Portal Session Hijacking Vulnerability

Oracle WebCenter Interaction is Oracle's suite for creating enterprise portals, collaborative communities, portfolio applications, and social applications.Oracle WebCenter Interaction Portal is one of the management interfaces. A session hijacking vulnerability exists in Oracle WebCenter...

Oracle WebCenter Interaction Cross-Site Scripting Vulnerability

Oracle WebCenter Interaction is Oracle's suite for creating enterprise portals, collaborative communities, portfolio applications, and social applications.Oracle WebCenter Interaction Portal is one of the management interfaces. A cross-site scripting vulnerability exists in the login feature in...

Oracle WebCenter Interaction Open Redirect Vulnerability

Oracle WebCenter Interaction is Oracle's suite for creating enterprise portals, collaborative communities, portfolio applications, and social applications.Oracle WebCenter Interaction Portal is one of the management interfaces. An open redirect vulnerability exists in the login functionality in...

Oracle WebCenter Interaction Cross-Site Scripting Vulnerability (CNVD-2018-19487)

Oracle WebCenter Interaction is Oracle's suite for creating enterprise portals, collaborative communities, portfolio applications, and social applications.Oracle WebCenter Interaction Portal is one of the management interfaces. A cross-site scripting vulnerability exists in the...