11 matches found
EUVD-2007-1488
Malware in sbrugna...
EUVD-2025-21698
Malicious code in bioql PyPI...
CVE-2025-32019 Harbor's repository description page allows for XSS
Harbor is an open source trusted cloud native registry project that stores, signs, and scans content. Versions 2.11.2 and below, as well as versions 2.12.0-rc1 and 2.13.0-rc1, contain a vulnerability where the markdown field in the info tab page can be exploited to inject XSS code. This is fixed ...
CVE-2024-50861
The ipmoddnskeyform.cgi request in GestioIP v3.5.7 is vulnerable to Stored XSS. An attacker can inject malicious code into the "TSIG Key" field, which is saved in the database and triggers XSS when viewed, enabling data exfiltration and CSRF attacks...
PT-2024-28738 · Unknown · Vaultwarden
Name of the Vulnerable Software and Affected Versions: Vaultwarden (formerly Bitwarden RS) version 1.30.3. Description: A stored cross-site scripting (XSS) or HTML injection issue has been discovered in the admin dashboard. This potentially allows an authenticated attacker to inject malicious code int...
CVE-2023-45757
Security vulnerability in Apache bRPC 1.6.0, download link: https://dist.apache.org/repos/dist/release/brpc/1.6.1/ 2. If you are using an old version of bRPC and it is hard to upgrade, you can apply this patch: https://github.com/apache/brpc/pull/2411 3. Disable the rpcz feature...
PT-2023-12192 · Izimodal · Izimodal
Name of the Vulnerable Software and Affected Versions: iziModal versions prior to 1.6.1. Description: The issue arises when handling untrusted modal titles, allowing an attacker to influence the title field and supply arbitrary HTML or JavaScript code. This code will be rendered in the context of ...
CVE-2018-1999016
Pydio version 8.2.0 and earlier contains a Cross Site Scripting (XSS) vulnerability in ./core/vendor/meenie/javascript-packer/example-inline.php line 48; ./core/vendor/dapphp/securimage/examples/test.mysql.static.php lines: 114,118 that can result in an unauthenticated remote attacker manipulating...
vBulletin 4.1.12 Cross Site Scripting
TITLE ....... vBulletin 4.1.12 Reflected XSS try csrf for registered users DATE ........ 24.04.2012 AUTHOR ...... http://hauntit.blogspot.com SOFT LINK ... http://www.vbulletin.com VERSION ..... 4.1.12 TESTED ON ... LAMP ----------------------------------------------------------------------- 1...
From the Baidu space to China blog vulnerability-vulnerability warning-the black bar safety net
These days there are always friends to ask me in ten period of black anti-on introduction to ajax hacking degree of influence exactly how much, and how for this stage of the network status of the web2. 0 vulnerability testing, and use of, this time by means of black anti-for everyone to see for...
[UNIX] DCForum+ XSS Vulnerability
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...