tp-xss

TP - Exploitation d'une Faille XSS Enonce du professeur...

CVE-2022-31200

Atmail 5.62 allows XSS via the mail/parse.php?file=html/$this-%3ELanguage/help/filexp.html=1=file.html Search Terms field...

CVE-2019-7402

An issue was discovered in PHPMyWind 5.5. The GetQQ function in include/func.class.php allows XSS via the cfgqqcode parameter. This can be exploited via CSRF...

CVE-2019-16719

WTCMS 1.0 allows index.php?g=admin=index=index CSRF with resultant XSS...

EUVD-2019-9449

Malware in sbrugna...

EUVD-2020-19475

Malware in sbrugna...

EUVD-2020-8159

Malware in sbrugna...

EUVD-2018-0089

Malware in sbrugna...

EUVD-2018-13488

Malware in sbrugna...

EUVD-2018-4030

Malware in sbrugna...

EUVD-2018-18685

Malware in sbrugna...

EUVD-2022-24906

Malicious code in bioql PyPI...

EUVD-2025-4468

Malicious code in bioql PyPI...

EUVD-2022-4227

Malicious code in bioql PyPI...

EUVD-2025-22466

Malicious code in bioql PyPI...

EUVD-2023-58657

Malicious code in bioql PyPI...

EUVD-2024-1016

Malicious code in bioql PyPI...

CVE-2025-6235 ExtremeControl (NAC) 'onmouseover' XSS

In ExtremeControl before 25.5.12, a cross-site scripting XSS vulnerability was discovered in a login interface of the affected application. The issue stems from improper handling of user-supplied input within HTML attributes, allowing an attacker to inject script code that may execute in a user's...

CVE-2023-43770

Roundcube before 1.4.14, 1.5.x before 1.5.4, and 1.6.x before 1.6.3 allows XSS via text/plain e-mail messages with crafted links because of program/lib/Roundcube/rcubestringreplacer.php behavior...

CVE-2020-5286

In PrestaShop between versions 1.7.4.0 and 1.7.6.5, there is a reflected XSS when uploading a wrong file. The problem is fixed in 1.7.6.5...