EUVD-2025-3485

Malicious code in bioql PyPI...

CVE-2025-23864

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Luke America WCS QR Code Generator wcs-qr-code-generator allows Stored XSS.This issue affects WCS QR Code Generator: from n/a through = 1.0...

CVE-2010-2826

SQL injection vulnerability in Cisco Wireless Control System WCS 6.0.x before 6.0.196.0 allows remote authenticated users to execute arbitrary SQL commands via vectors related to the ORDER BY clause of the Client List screens, aka Bug ID CSCtf37019...

CVE-2025-23864 WordPress WCS QR Code Generator plugin <= 1.0 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Luke America WCS QR Code Generator wcs-qr-code-generator allows Stored XSS.This issue affects WCS QR Code Generator: from n/a through = 1.0...

CVE-2025-23864 WordPress WCS QR Code Generator plugin <= 1.0 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Luke America WCS QR Code Generator wcs-qr-code-generator allows Stored XSS.This issue affects WCS QR Code Generator: from n/a through = 1.0...

CVE-2025-23864

CVE-2025-23864 is a Stored XSS in WP Code Snippets WCS QR Code Generator (WordPress plugin) with vulnerable versions up to 1.0. Root cause: Improper input neutralization during web page generation. CVSSv3.1: AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L, base 6.5 (Medium). Connected Red Hat entry confirms ...

WordPress plugin WCS QR Code Generator 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

CVE-2023-25157 Unfiltered SQL Injection Vulnerabilities in Geoserver

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. GeoServer includes support for the OGC Filter expression language and the OGC Common Query Language CQL as part of the Web Feature Service WFS and Web Map Service WMS protocols. CQL is...

CVE-2019-18834

Persistent XSS in the WooCommerce Subscriptions plugin before 2.6.3 for WordPress allows remote attackers to execute arbitrary JavaScript because Billing Details are mishandled in WCSAdminPostTypes in class-wcs-admin-post-types.php...

CVE-2019-18834

Persistent XSS in the WooCommerce Subscriptions plugin before 2.6.3 for WordPress allows remote attackers to execute arbitrary JavaScript because Billing Details are mishandled in WCSAdminPostTypes in class-wcs-admin-post-types.php...

Information disclosure

An Information Disclosure vulnerability exists due to insufficient validation of authentication cookies for the RTSP session in D-Link DCS-5635 1.01, DCS-1100L 1.04, DCS-1130L 1.04, DCS-1100 1.03/1.04US, DCS-1130 1.03/1.04US , DCS-2102 1.05RU/1.06/1.06FR/1.05TESCO, DCS-2121...

CVE-2012-5990

CVE-2012-5990 describes reflected XSS in the Health Monitor login pages of Cisco Prime NCS/WCS. Affected component: Health Monitor Login pages. Root cause: input validation error leading to reflection of HTML/script (CWE-79). Impact stated: attacker can execute arbitrary script in the user’s brow...

CVE-2011-4014

CVE-2011-4014 affects Cisco Wireless Control System (WCS) 7.0, via the TAC Case Attachment tool. The vulnerability allows remote authenticated users to read arbitrary files under webnms/Temp/ through unspecified vectors (Bug ID CSCtq86807). The available sources (NVD entry and Cisco notes) confir...

CVE-2010-2826

Cisco WCS 6.0.x is affected by a SQL injection vulnerability (CVE-2010-2826) in the ORDER BY clause of the Client List screens. The issue allows an authenticated remote attacker to modify system configuration and potentially affect managed devices. The vulnerability is fixed in WCS 6.0.196.0. No ...

CVE-2010-2987

Multiple cross-site scripting XSS vulnerabilities in Cisco Wireless Control System WCS 7.x before 7.0.164, as used in Cisco Unified Wireless Network UWN Solution 7.x before 7.0.98.0, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCtg33854...

CVE-2010-2986

Cross-site scripting XSS vulnerability in webacs/QuickSearchAction.do in the search feature in the web interface in Cisco Wireless Control System WCS before 6.0194.0 and 7.x before 7.0.164 allows remote attackers to inject arbitrary web script or HTML via the searchText parameter, aka Bug ID...

CVE-2010-2987

CVE-2010-2987 describes multiple reflected XSS vulnerabilities in Cisco Wireless Control System (WCS) 7.x up to 7.0.163/164, used with Cisco Unified Wireless Network (UWN) Solution 7.x up to 7.0.98.0. The issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2010-2986

The CVE-2010-2986 entry concerns Cisco Wireless Control System (WCS) Web UI. A XSS flaw exists in webacs/QuickSearchAction.do within the search feature, allowing remote attackers to inject arbitrary web script or HTML via the searchText parameter. Affected versions include WCS prior to 6.0(194.0)...

CVE-2010-2986

Cross-site scripting XSS vulnerability in webacs/QuickSearchAction.do in the search feature in the web interface in Cisco Wireless Control System WCS before 6.0194.0 and 7.x before 7.0.164 allows remote attackers to inject arbitrary web script or HTML via the searchText parameter, aka Bug ID...

CVE-2007-5382

The conversion utility for converting CiscoWorks Wireless LAN Solution Engine WLSE 4.1.91.0 and earlier to Cisco Wireless Control System WCS creates administrator accounts with default usernames and passwords, which allows remote attackers to gain privileges...