28 matches found
CVE-2026-8019
Insufficient policy enforcement in WebApp in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
EUVD-2009-5006
Malware in sbrugna...
EUVD-2019-18491
Malware in sbrugna...
EUVD-2021-8697
Malicious code in bioql PyPI...
CVE-2021-21400
wire-webapp is an open-source front end for Wire, a secure collaboration platform. In wire-webapp before version 2021-03-15-production.0, when being prompted to enter the app-lock passphrase, the typed passphrase will be sent into the most recently used chat when the user does not actively give...
PT-2025-22515 · Wire · Wire-Webapp
Name of the Vulnerable Software and Affected Versions: wire-webapp versions 2025-05-14-production.0 through 2025-05-20-production.0 Description: The issue is related to a regression in the session invalidation process. When a user logs out of the Wire webapp, they could be automatically logged in...
Path traversal
Mattermost webapp fails to validate route parameters in//channels/ allowing an attacker to perform a client-side path traversal...
Design/Logic Flaw
Inappropriate implementation in WebApp Installs in Google Chrome on Android prior to 111.0.5563.64 allowed an attacker who convinced a user to install a malicious WebApp to spoof the contents of the PWA installer via a crafted HTML page. Chromium security severity: Medium...
Inventory Webapp - (itemquery) SQL injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Inventory Webapp SQL injection Data: 05.09.2019 Exploit Author: mohammad zaheri Vendor HomagePage: https://github.com/edlangley/inventory-webapp Tested on: Windows Google Dork: N/A ========= Vulnerable Page: =========...
Inventory Webapp - itemquery SQL injection
Inventory Webapp - itemquery SQL injection Exploit Title: Inventory Webapp SQL injection Data: 05.09.2019 Exploit Author: mohammad zaheri Vendor HomagePage: https://github.com/edlangley/inventory-webapp Tested on: Windows Google Dork: N/A ========= Vulnerable Page: ========= /php/add-item.php...
ADAPT - Tool That Performs Automated Penetration Testing For WebApps
ADAPT is a tool that performs Automated Dynamic Application Penetration Testing for web applications. It is designed to increase accuracy, speed, and confidence in penetration testing efforts. ADAPT automatically tests for multiple industry standard OWASP Top 10 vulnerabilities, and outputs...
Open-AuditIT Professional 2.1 - Cross-Site Scripting
Exploit Title: Open-AuditIT Professional 2.1 - Stored Cross site scripting XSS Date: 27-03-2018 Exploit Author: Nilesh Sapariya Contact: https://twitter.com/nileshloganx Website: https://nileshsapariya.blogspot.com Vendor Homepage: https://www.open-audit.org/ Version: 2.1 CVE : CVE-2018-8903...
webapp.montcopa.org XSS vulnerability
Open Bug Bounty ID: OBB-255788 Description| Value ---|--- Affected Website:| webapp.montcopa.org Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Che...
webapp.seo-magic.it XSS vulnerability
Vulnerable URL: http://webapp.seo-magic.it/modules/projectnumber/?jsoncallback=prompt/OPENBUGBOUNTY/...
Proservice CMS Gallery Code SQL Injection Vulnerability
Exploit for php platform in category web applications | Exploit Title: Proservice CMS Gallery Code SQL Injection Vulnerability | Date: 30-06-2012 | Author: cheki | Vendor Link: http://proservice.ge/ | Category: WebApp | Price: NULL...
PlumeCMS 1.2.4 Cross Site Scripting
Exploit Title : PlumeCMS = 1.2.4 Multiple Persistent XSS Date : 04-04-2012 Author : Ivano Binetti http://www.ivanobinetti.com Software link :...
Simple PHP Agenda 2.2.8 - Cross-Site Request Forgery (Add Admin / Add Event)
Exploit Title : Simple PHP Agenda = 2.2.8 CSRF Add Admin - Add Event Date : 29-03-2012 Author : Ivano Binetti http://ivanobinetti.com Software link :...
CMS Made Simple <= 1.10.3 XSS Vulnerability
Exploit for php platform in category web applications Exploit Title : CMS Made Simple <= 1.10.3 XSS Vulnerability Date : 02-04-2012 Author : Ivano Binetti...
SyndeoCMS 3.0.01 - Persistent Cross-Site Scripting
Exploit Title : SyndeoCMS = 3.0.01 Persistent XSS Date : 29-03-2012 Author : Ivano Binetti http://ivanobinetti.com Vendor site : http://www.syndeocms.org/ Software...
Code injection
The Menu Manager Mod for (1) web-app.net WebAPP (aka WebAPP NE) 0.9.9.3.3 through 0.9.9.8, and (2) web-app.org WebAPP before 0.9.9.6, allows remote authenticated users to execute arbitrary commands via shell metacharacters in the titles of items in a personal menu...