EUVD-2025-26225

Malicious code in bioql PyPI...

CVE-2025-9659 O2OA Personal Profile widget cross site scripting

A vulnerability has been found in O2OA up to 10.0-410. The affected element is an unknown function of the file /xportalassembledesigner/jaxrs/widget of the component Personal Profile Page. Such manipulation leads to cross site scripting. The attack can be executed remotely. The exploit has been...

CVE-2025-9659

The CVE-2025-9659 entry relates to O2OA (versions up to 10.0-410) where the Personal Profile Page widget contains an unknown-function issue in the file /x_portal_assemble_designer/jaxrs/widget that leads to cross-site scripting. The vulnerability can be exploited remotely and an public exploit ha...

CVE-2019-13414

The Rencontre plugin before 3.1.3 for WordPress allows XSS via inc/rencontrewidget.php...

CVE-2019-13413

The Rencontre plugin before 3.1.3 for WordPress allows SQL Injection via inc/rencontrewidget.php...

PT-2019-13326 · Rencontre · Rencontre

Name of the Vulnerable Software and Affected Versions: Rencontre plugin versions prior to 3.1.3 Description: The issue allows for XSS attacks. This is due to a problem in the inc/rencontre widget.php file. Recommendations: For versions prior to 3.1.3, update to version 3.1.3 or later to resolve t...

PT-2019-13325 · Rencontre · Rencontre

Name of the Vulnerable Software and Affected Versions: Rencontre plugin versions prior to 3.1.3 Description: The issue allows SQL Injection via the inc/rencontre widget.php file. Recommendations: For versions prior to 3.1.3, update to version 3.1.3 or later to resolve the issue...

bilboblog 2.1 - Multiple Vulnerabilities

------------------------------------------------------------------ Name : Bilboblog 2.1 Multiples Vulnerabilities Description : Bilboblog is a small application of micro-blogging in Php / MySQL Link : http://www.tux-planet.fr/bilboblog-version-021-english-translation/ Vuln. types : Login Bypass -...