@brandboostinggmbh/image (=0.6.2), @cssninja/nuxt-media-viewer (>=0.0.1 <=0.0.15) +48 more potentially affected by CVE-2025-54387 via ipx (>=0.3.2 <=1.1.0)

ipx NPM version =0.3.2, =0.0.1, =1.0.0, =1.0.0-27100507.943fa27, =1.0.3, =1.0.3-27133259.82aaae0, =0.0.2-beta.0, =0.2.0, =14.9.23-prev, =0.6.3, =0.6.2, =1.0.0-beta.2, =1.0.0-beta.2, =1.0.18, =1.0.0-beta.4, =1.0.0-beta.12 and more Source cves: CVE-2025-54387 Source advisory: OSV:GHSA-MM3P-J368-7JC...

WordPress plugin Photo Express for Google 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... A cross-site scripting...

PT-2024-33097 · Unknown · Sunbk201 Umicat

Name of the Vulnerable Software and Affected Versions: SunBK201 umicat versions 0.3.2 and earlier Description: The issue allows an attacker to execute arbitrary code via the poweruct int t x, uct int t n function in src/uct upstream.c. This can be exploited to perform local network attacks...

@10duke/event-data-reader-cli (=1.0.0), @adonisjs/auth (>=4.0.0 <=4.0.1) +524 more potentially affected by CVE-2024-28176 via jose (>=0.3.2 <=2.0.5)

jose NPM version =0.3.2, =4.0.0, =0.4.0-next.10, =0.13.0, =1.6.0, =1.2.3, =1.6.11, =1.10.0, =1.0.0, =0.7.0, =0.1.1, =0.2.0, =0.2.33 - @arianee/arianee-server =0.0.1-beta and more Source cves: CVE-2024-28176 Source advisory: OSV:GHSA-HHHV-Q57G-882Q...

com.adform:stream-loader-clickhouse_2.13 (>=0.2.5 <=0.2.12), com.clickhouse:clickhouse-benchmark (>=0.3.2 <=0.3.2-test3) +30 more potentially affected by CVE-2024-23689 via com.clickhouse:clickhouse-jdbc (>=0.3.2-patch1 <=0.4.5)

com.clickhouse:clickhouse-jdbc MAVEN version =0.3.2-patch1, =0.2.5, =0.3.2, =0.0.1.2023070401.Alpha, =0.0.1.2023070401.Alpha, =0.0.1.2023061901.Alpha, =0.0.1.2023052301.Alpha, =4.0.0, =4.1.0, =4.1.1, =1.0-ds, =1.0.0.20221015, =1.6.0, =1.9.0 - io.github.artjourney:janusgraph-clickhouse =0.1.0 and...

PT-2023-9863 · Unknown · Cfire24 Ajaxlife

Name of the Vulnerable Software and Affected Versions: cfire24 ajaxlife versions up to 0.3.2 Description: A vulnerability has been found in cfire24 ajaxlife, classified as problematic. The manipulation leads to cross site scripting. The attack can be initiated remotely. Recommendations: For cfire...

Withdrawn Advisory: marked cross-site scripting vulnerability

Versions 0.3.2 and earlier of marked are affected by a cross-site scripting vulnerability even when sanitize:true is set...

GHSA-32VW-R77C-GM67 Withdrawn Advisory: marked cross-site scripting vulnerability

Versions 0.3.2 and earlier of marked are affected by a cross-site scripting vulnerability even when sanitize:true is set...

GHSA-CFJH-P3G4-3Q2F VBScript Content Injection in marked

Versions 0.3.2 and earlier of marked are affected by a cross-site scripting vulnerability even when sanitize:true is set. Proof of Concept IE10 Compatibility Mode Only xss link will get a link xss link Recommendation Update to version 0.3.3 or later...