CVE-2021-22522

Reflected Cross-Site Scripting vulnerability in Micro Focus Verastream Host Integrator, affecting version version 7.8 Update 1 and earlier versions. The vulnerability could allow disclosure of confidential data...

EUVD-2023-41698

Malicious code in bioql PyPI...

EUVD-2021-9664

Malicious code in bioql PyPI...

CVE-2025-53566

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in osama.esh WP Visitor Statistics Real Time Traffic wp-stats-manager allows Stored XSS.This issue affects WP Visitor Statistics Real Time Traffic: from n/a through = 7.8...

WordPress plugin WP Visitor Statistics (Real Time Traffic) security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

CVE-2019-17579

SonarSource SonarQube before 7.8 has XSS in project links on account/projects...

CVE-2025-46237

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Yannick Lefebvre Link Library allows Stored XSS. This issue affects Link Library: from n/a through 7.8...

SEOPress < 7.8 - Contributor+ Open Redirect

Description The plugin does not validate and escape one of its Post settings, which could allow contributor and above role to perform Open redirect attacks against any user viewing a malicious post As a contributor, create a new Post, at the bottom of the page put the following payload in the...

BIT-GITLAB-2024-4024 Authentication Bypass by Assumed-Immutable Data in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 7.8 before 16.9.6, all versions starting from 16.10 before 16.10.4, all versions starting from 16.11 before 16.11.1. Under certain conditions, an attacker with their Bitbucket account credentials may be able to take...

PT-2023-26128 · Sitolog · Sitolog Sitologapplicationconnect

Name of the Vulnerable Software and Affected Versions: Sitolog sitologapplicationconnect versions 7.8.a and before Description: A SQL injection issue was found in the /activate hook.php component. This could potentially allow for unauthorized access or manipulation of data. Recommendations: For...

www/awstats -- Partial absolute pathname

MITRE reports: It seems 90 is not completely fixed in 7.8. that is, even after CVE-2017-1000501 and CVE-2020-29600 are fixed. In AWStats through 7.8, cgi-bin/awstats.pl?config= accepts a partial absolute pathname omitting the initial /etc, even though it was intended to only read a file in the...

AWStats 7.x < 7.9 XSS Vulnerability

AWStats is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:awstats:awstats";...

OpenSSH < 7.8

According to its banner, the version of OpenSSH running on the remote host is prior to 7.8. It is, therefore, affected by an information disclosure vulnerability in the auth2-gss.c, auth2-hostbased.c, and auth2-pubkey due to not delaying for an invalid authenticating user. An unauthenticated,...

CVE-2021-22522

Reflected Cross-Site Scripting vulnerability in Micro Focus Verastream Host Integrator, affecting version version 7.8 Update 1 and earlier versions. The vulnerability could allow disclosure of confidential data...

CVE-2021-22523

XML External Entity vulnerability in Micro Focus Verastream Host Integrator, affecting version 7.8 Update 1 and earlier versions. The vulnerability could allow the control of web browser and hijacking user sessions...

Xxe

XML External Entity vulnerability in Micro Focus Verastream Host Integrator, affecting version 7.8 Update 1 and earlier versions. The vulnerability could allow the control of web browser and hijacking user sessions...

Cross site scripting

Reflected Cross-Site Scripting vulnerability in Micro Focus Verastream Host Integrator, affecting version version 7.8 Update 1 and earlier versions. The vulnerability could allow disclosure of confidential data...

CVE-2021-22523

XML External Entity vulnerability in Micro Focus Verastream Host Integrator, affecting version 7.8 Update 1 and earlier versions. The vulnerability could allow the control of web browser and hijacking user sessions...

AWStats < 7.8 File Read Vulnerability - Active Check

AWStats is prone to a file read vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:awstats:awstats"; ifdescription...

AWStats: Multiple vulnerabilities

Background AWStats is an advanced log file analyzer and statistics generator. Description Multiple vulnerabilities have been discovered in AWStats. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is ...