20 matches found

EUVD
added 2025/10/03 8:7 p.m. · 1 view

EUVD-2023-12657

Malicious code in bioql PyPI...

7.8 CVSS · 7.6 AI score · 0.00066 EPSS
Exploits 0 · References 1

OSV
added 2025/07/21 7:15 p.m. · 2 views

CVE-2025-51396

A stored cross-site scripting (XSS) vulnerability in Live Helper Chat v4.60 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Telegram Bot Username parameter...

5.4 CVSS · 5.1 AI score · 0.00568 EPSS
Exploits 4 · References 3

Vulnrichment
added 2025/07/21 12:0 a.m. · 3 views

CVE-2025-51400

A stored cross-site scripting (XSS) vulnerability in the Personal Canned Messages of Live Helper Chat v4.60 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload...

5.3 AI score · 0.00568 EPSS
Exploits 4 · References 3

Positive Technologies
added 2025/07/21 12:0 a.m. · 2 views

PT-2025-30334 · Unknown · Livehelperchat

Name of the Vulnerable Software and Affected Versions: Live Helper Chat version 4.60 Description: A stored cross-site scripting (XSS) issue exists in the department assignment editing module. Attackers can execute arbitrary web scripts or HTML by injecting a crafted payload into the Alias Nick...

6.5 CVSS · 5.7 AI score · 0.00635 EPSS
Exploits 4 · References 7

CNNVD
added 2025/07/21 12:0 a.m. · 1 view

live helper chat security vulnerability

live helper chat is an open source plugin from an individual developer that supports online chat. It provides chat functionality for web platforms. A security vulnerability exists in live helper chat version v4.60, which stems from insufficient validation of the operator name parameter input in t...

5.4 CVSS · 5.7 AI score · 0.00568 EPSS
Exploits 4 · References 5

Positive Technologies
added 2025/07/21 12:0 a.m. · 1 view

PT-2025-30330 · Unknown · Livehelperchat

Name of the Vulnerable Software and Affected Versions: Live Helper Chat version 4.60 Description: A stored cross-site scripting (XSS) vulnerability exists in Live Helper Chat version 4.60. This allows attackers to execute arbitrary web scripts or HTML by injecting a crafted payload into the Telegra...

5.4 CVSS · 5.5 AI score · 0.00568 EPSS
Exploits 4 · References 6

Cvelist
added 2024/11/23 1:0 p.m. · 19 views

CVE-2023-7299 DataGear resolveSql sql injection

A vulnerability was found in DataGear up to 4.60. It has been declared as critical. This vulnerability affects unknown code of the file /dataSet/resolveSql. The manipulation of the argument sql leads to sql injection. The attack can be initiated remotely. Upgrading to version 4.7.0 is able to...

6.5 CVSS · 0.00096 EPSS
Exploits 1 · References 4

Cvelist
added 2023/03/09 9:13 p.m. · 9 views

CVE-2023-0621 CVE-2023-0621

Cscape Envision RV version 4.60 is vulnerable to an out-of-bounds read vulnerability when parsing project (i.e. HMI) files. The product lacks proper validation of user-supplied data, which could result in reads past the end of allocated data structures. An attacker could leverage these...

8.1 AI score · 0.00066 EPSS
Exploits 0 · References 1

Vulnrichment
added 2023/03/09 9:13 p.m. · 7 views

CVE-2023-0621 CVE-2023-0621

Cscape Envision RV version 4.60 is vulnerable to an out-of-bounds read vulnerability when parsing project (i.e. HMI) files. The product lacks proper validation of user-supplied data, which could result in reads past the end of allocated data structures. An attacker could leverage these...

7.5 AI score · 0.00066 EPSS
Exploits 0 · References 1

Cvelist
added 2023/03/09 9:12 p.m. · 8 views

CVE-2023-0623 CVE-2023-0623

Cscape Envision RV version 4.60 is vulnerable to an out-of-bounds write vulnerability when parsing project (i.e. HMI) files. The product lacks proper validation of user-supplied data, which could result in writes past the end of allocated data structures. An attacker could leverage these...

8.2 AI score · 0.00066 EPSS
Exploits 0 · References 1

ICS
added 2021/12/21 12:0 a.m. · 28 views

Horner Automation Cscape EnvisionRV

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Horner Automation Equipment: Cscape EnvisionRV Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could execute arbitrary code in the context of the current process...

7.8 CVSS · 7.3 AI score · 0.00145 EPSS
Exploits 0 · References 5

NVD
added 2021/02/09 3:15 p.m. · 11 views

CVE-2020-27259

The Omron CX-One Version 4.60 and prior may allow an attacker to supply a pointer to arbitrary memory locations, which may allow an attacker to remotely execute arbitrary code...

8.8 CVSS · 0.00476 EPSS
Exploits 0 · References 2

Prion
added 2021/02/09 3:15 p.m. · 12 views

Stack overflow

The Omron CX-One Version 4.60 and prior is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code...

6.8 CVSS · 8.9 AI score · 0.01685 EPSS
Exploits 0 · References 3 · Affected Software 4

Prion
added 2021/02/09 3:15 p.m. · 10 views

Code injection

The Omron CX-One Version 4.60 and prior may allow an attacker to supply a pointer to arbitrary memory locations, which may allow an attacker to remotely execute arbitrary code...

6.8 CVSS · 8.8 AI score · 0.00476 EPSS
Exploits 0 · References 2 · Affected Software 4

CVE
added 2021/02/09 2:9 p.m. · 46 views

CVE-2020-27261

Omron CX-One (versions 4.60 and earlier) contains a stack-based buffer overflow in the CX-One CX-Position component (NCI file parsing) caused by inadequate input validation of NCI configuration data, enabling remote arbitrary code execution. Affected apps include CX-Protocol (≤2.02), CX-Server (≤...

8.8 CVSS · 8.9 AI score · 0.01685 EPSS
Exploits 0 · References 3 · Affected Software 4

Cvelist
added 2021/02/09 2:9 p.m. · 9 views

CVE-2020-27261 Omron CX-One

The Omron CX-One Version 4.60 and prior is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code...

8.9 AI score · 0.01685 EPSS
Exploits 0 · References 3

CVE
added 2021/02/09 2:9 p.m. · 40 views

CVE-2020-27259

The CVE-2020-27259 issue affects Omron CX-One (versions 4.60 and prior), arising from an untrusted pointer dereference in CX-One’s NCI file parsing (CX-Position). This flaw can permit remote code execution, with exploitation tied to user interaction (visit a crafted page/file). The ZDI advisory s...

8.8 CVSS · 8.9 AI score · 0.00476 EPSS
Exploits 0 · References 2 · Affected Software 4

NVD
added 2020/12/22 10:15 p.m. · 22 views

CVE-2020-29583

Firmware version 4.60 of Zyxel USG devices contains an undocumented account zyfwp with an unchangeable password. The password for this account can be found in cleartext in the firmware. This account can be used by someone to login to the ssh server or web interface with admin privileges...

10 CVSS · 9.7 AI score · 0.94302 EPSS
Exploits 2 · References 8

Prion
added 2020/12/22 10:15 p.m. · 47 views

Default credentials

Firmware version 4.60 of Zyxel USG devices contains an undocumented account zyfwp with an unchangeable password. The password for this account can be found in cleartext in the firmware. This account can be used by someone to login to the ssh server or web interface with admin privileges...

10 CVSS · 9.6 AI score · 0.94302 EPSS
Exploits 2 · References 7 · Affected Software 15

myhack58
added 2008/04/29 12:0 a.m. · 13 views

OBlog (tags. asp) Remote SQL Injection Exploit-vulnerability warning-the black bar safety net

The official has been fixed the vulnerability. –==+=================== www.nspcn.org =================+==– –==+ OBlog tags. asp Remote SQL Injection Exploit +==– –==+====================================================================================+==– Author: Whytt & Tr4c3at1 2 6dotcom...

8.6 AI score
Exploits 0