CVE-2026-27970 Angular i18n vulnerable to Cross-Site Scripting (XSS)
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Versions prior to 21.2.0, 21.1.16, 20.3.17, and 19.2.19 have a cross-site scripting vulnerability in the Angular internationalization (i18n) pipeline. In ICU messages...
PT-2026-5831
Fishing Reservation System 7.5 contains multiple remote SQL injection vulnerabilities in admin.php, cart.php, and calendar.php that allow attackers to inject malicious SQL commands. Attackers can exploit vulnerable parameters like uid, pid, type, m, y, and code to compromise the database manageme...
CVE-2025-59870 Improper management of a static JWT signing secret in the web application, where the secret lacks rotation, introducing a security risk
HCL MyXalytics v6.7 is affected by improper management of a static JWT signing secret in the web application, where the secret lacks rotation, introducing a security risk...
CVE-2024-58321 Kentico Xperience <= 13.0.159 Form Validation Stored XSS
A stored cross-site scripting vulnerability in Kentico Xperience allows attackers to inject malicious scripts via form validation rule configuration. Attackers can exploit this vulnerability to execute malicious scripts that will run in users' browsers...
EUVD-2019-0327
Malware in sbrugna...
EUVD-2025-22403
Malicious code in bioql PyPI...
EUVD-2024-3596
Malicious code in bioql PyPI...
EUVD-2024-44034
Malicious code in bioql PyPI...
EUVD-2025-19847
Malicious code in bioql PyPI...
EUVD-2024-33532
Malicious code in bioql PyPI...
Hospital Management System about-us.php File SQL Injection Vulnerability
Hospital Management System is a PHP and MySQL based hospital management system. Hospital Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally-entered SQL statements in the pagetitle parameter of about-us.php. An attacker can exploit thi...
CVE-2025-27452
The configuration of the Apache httpd webserver that serves the MEAC300-FNADE4 web application is partly insecure. Modules are activated that are not required for the operation of the FNADE4 web application. The functionality of some modules poses a risk to the webserver which enable...
Simple Online Hotel Reservation System add_account.php File SQL Injection Vulnerability
Simple Online Hotel Reservation System is a simple online hotel reservation system. Simple Online Hotel Reservation System suffers from a SQL injection vulnerability that originates from the lack of validation of externally-entered SQL statements in the parameter name/adminid in the file...
CVE-2022-24219
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/editpage.php...
PublicCMS Cross-Site Request Forgery Vulnerability
PublicCMS is a content management system. A cross-site request forgery vulnerability exists in PublicCMS version 4.0.202302.e. The vulnerability stems from a web application that does not adequately validate that a request is coming from a trusted user. The vulnerability can be exploited to forge ...
PT-2024-19991 · Geoserver · Geoserver
Name of the Vulnerable Software and Affected Versions: GeoServer versions prior to 2.23.3 and 2.24.0. Description: A stored cross-site scripting (XSS) issue exists that enables an authenticated administrator with workspace-level privileges to store a JavaScript payload in uploaded style/legend...
CVE-2022-38278
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/friendlylink/list...
EGavilan Barcodes generator Cross-Site Scripting Vulnerability
Egavilan Media Barcodes generator is a PHP-based barcode generator for product names from Egavilan Media. EGavilan Barcodes generator 1.0 suffers from a cross-site scripting (XSS) vulnerability via index.php. An attacker can exploit this vulnerability to...
File Upload Vulnerability in Phisung House Website Building System
Phaethon House is an online notebook for operators and maintainers. A file upload vulnerability exists in the Phaidon House builder system that can be exploited by an attacker to gain control of the server...
Siemens SICAM A8000 RTU Cross-Site Scripting Vulnerability
The SICAM A8000 RTU (Remote Terminal Unit) series is a modular family of devices for remote control and automation applications in all areas of energy supply. A cross-site scripting vulnerability exists in the Siemens SICAM A8000 RTU. The vulnerability is caused by the login screen failing to...