CVE-2025-11338

Affected product: D-Link DI-7100G C1. The vulnerability is a buffer overflow in the jhttpd component, triggered by manipulating the openid argument in the /webchat/login.cgi file, specifically in the function sub_4C0990. This can be exploited remotely, with exploits published. Impact is potential...

EUVD-2024-20408

Malicious code in bioql PyPI...

CVE-2024-22880

Cross Site Scripting vulnerability in Zadarma Zadarma extension v.1.0.11 allows a remote attacker to execute a arbitrary code via a crafted script to the webchat component...

CVE-2024-22880

Cross Site Scripting vulnerability in Zadarma Zadarma extension v.1.0.11 allows a remote attacker to execute a arbitrary code via a crafted script to the webchat component...

CVE-2024-22880

CVE-2024-22880 describes a Cross Site Scripting vulnerability in the Zadarma extension version 1.0.11, where a remote attacker can cause the webchat component to execute arbitrary code through a crafted script. The CVSS 3.1 base score is 4.7 (Medium), with network attack vector, high attack compl...

CVE-2024-22880

Cross Site Scripting vulnerability in Zadarma Zadarma extension v.1.0.11 allows a remote attacker to execute a arbitrary code via a crafted script to the webchat component...

CVE-2024-22880

Cross Site Scripting vulnerability in Zadarma Zadarma extension v.1.0.11 allows a remote attacker to execute a arbitrary code via a crafted script to the webchat component...