5 matches found
EUVD-2026-41008
Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Stored XSS. This issue affects DivvyDrive: from 4.8.2.23 before v.4.8.3.1...
EUVD-2025-31210
Malicious code in bioql PyPI...
CVE-2025-10173
The ShopEngine Elementor WooCommerce Builder Addon – All in One WooCommerce Solution plugin for WordPress is vulnerable to unauthorized access due to an incorrect capability check on the postsave function in all versions up to, and including, 4.8.3. This makes it possible for authenticated...
CODOFORUM Cross-Site Scripting Vulnerability
Codoforum is a free forum package built with PHP and MySQL. A cross-site scripting vulnerability exists in the administration dashboard in Codoforum 4.8.3. The vulnerability can be exploited to conduct a cross-site scripting attack via the Categories in the Manage Users screen...
LINE for Windows fails to properly verify downloaded files
Overview The auto update function in LINE for Windows provided by LINE Corporation contains a vulnerability where downloaded files are not properly verified. LINE Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and LINE Corporation...