MailEnable FieldTo Parameter Cross-Site Scripting Vulnerability

MailEnable is a commercial email server software designed for Windows operating systems that provides end-to-end email hosting and collaboration solutions. MailEnable suffers from a cross-site scripting vulnerability that originates from the lack of effective filtering and escaping of user-suppli...

MailEnable FieldBcc Parameter Cross-Site Scripting Vulnerability

MailEnable is a commercial email server software designed for Windows operating systems that provides end-to-end email hosting and collaboration solutions. MailEnable suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied da...

EUVD-2025-202289

LeptonCMS version 7.3.0 contains an arbitrary file upload vulnerability, which is caused by the lack of proper validation for uploaded files. An authenticated attacker can exploit this vulnerability by uploading a specially crafted ZIP/PHP file to execute arbitrary code...

Periodic Directory Security Audit 1.0

This code enables persistence via the /etc/periodic directory similarly to recent metasploit modules that perform the same function. This is a variant written in PHP...

CVE-2025-11860

The Twitter Feed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'ottwitterfeed' shortcode in all versions up to, and including, 1.3.1. This is due to the plugin not properly sanitizing user input and output of the 'width' and 'height' parameters. This makes it possible...

CVE-2025-12583 Simple Downloads List <= 1.4.3 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting

The Simple Downloads List plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpajaxneofixsdledit' AJAX endpoint along with many others in all versions up to, and including, 1.4.3. This makes it possible for authenticated attackers, wi...

CampCodes School Fees Payment Management System SQL注入漏洞

School Fees Payment Management System is a tuition payment management system. School Fees Payment Management System is vulnerable to a SQL injection vulnerability that stems from improper handling of unknown parameters in the /ajax.php?action=deletecourse file. No details of the vulnerability are...

IPFire 安全漏洞

IPFire is an open source Linux distribution from the IPFire organization, used primarily as a router and firewall. IPFire suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the REMOTELOGADDR parameter of the...

EUVD-2025-35729

Liferay Portal Self Cross-site scripting XSS vulnerability on the edit Knowledge Base article page...

Cross-site Scripting (XSS)

Overview Piranha.Manager is a manager panel for Piranha CMS for AspNetCore. Affected versions of this package are vulnerable to Cross-site Scripting XSS in the /manager/pages component when user-supplied input is injected into Markdown blocks. An attacker can execute arbitrary web scripts or HTML...

D-Link Nuclias Connect Cross-Site Scripting Vulnerability

D-Link Nuclias Connect is a network management software from D-Link for centralized management of wireless access points APs, supporting multi-device remote control and reporting capabilities. D-Link Nuclias Connect suffers from a cross-site scripting vulnerability that stems from the application...

Centreon cross-site scripting vulnerability (CNVD-2025-24648)

Centreon is a set of open source system monitoring tools from France's Centreon. The product mainly provides monitoring functions for resources such as network, system and application programs. Centreon has a security vulnerability that can be exploited by attackers to execute arbitrary Web scrip...

Centreon cross-site scripting vulnerability (CNVD-2025-24649)

Centreon is a set of open source system monitoring tools from France's Centreon. The product mainly provides monitoring functions for resources such as network, system and application programs. Centreon cross-site scripting vulnerability , the vulnerability stems from the lack of effective...

Centreon has an unspecified vulnerability (CNVD-2025-24647)

Centreon is a set of open source system monitoring tools from France's Centreon. The product mainly provides monitoring functions for resources such as network, system and application programs. Centreon has a security vulnerability that can be exploited by attackers to execute arbitrary Web scrip...

Apache Geode 安全漏洞

Apache Geode is a U.S.-based Apache Foundation suite of management platforms used in distributed cloud architectures to provide real-time and consistent access to data for data-intensive applications. A security vulnerability exists in Apache Geode versions prior to 1.15.2 that originates from we...

Centreon 安全漏洞

Centreon is a set of open source system monitoring tools from France's Centreon. The product mainly provides monitoring functions for resources such as network, system and application programs. Centreon cross-site scripting vulnerability , the vulnerability stems from the lack of effective...

EUVD-2009-0597

Malware in sbrugna...

EUVD-2006-1335

Malware in sbrugna...

EUVD-2010-0359

Malware in sbrugna...

EUVD-2007-1357

Malware in sbrugna...