13 matches found
EUVD-2020-2889
Malware in sbrugna...
EUVD-2025-2892
Malicious code in bioql PyPI...
EUVD-2024-52253
Malicious code in bioql PyPI...
CVE-2025-54571
ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. In versions 2.9.11 and below, an attacker can override the HTTP response’s Content-Type, which could lead to several issues depending on the HTTP scenario. For example, we have demonstrate...
CVE-2025-53935 WeGIA vulnerable to Reflected Cross-Site Scripting via endpoint `personalizacao_selecao.php` parameter `id`
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `personalizacao_selecao.php` endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers...
PT-2025-29517 · Wegia · Wegia
Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.4.5. Description: WeGIA is an open source web manager. A Reflected Cross-Site Scripting (XSS) vulnerability exists in the relatorio geracao.php endpoint. Attackers can inject malicious scripts through the tipo relatorio...
CVE-2020-5241 XSS/Script injection vulnerability in matestack
matestack-ui-core RubyGem before 0.7.4 is vulnerable to XSS/Script injection. This vulnerability is patched in version 0.7.4...
matestack-ui-core is vulnerable to XSS/Script injection
matestack-ui-core does not escape strings by default and does not cover this in the docs. matestack-ui-core should escape strings by default in order to prevent XSS/Script injection vulnerability. v0.7.4 fixes that by escaping strings by default...
TP-Link Archer CR-700 - Cross-Site Scripting
TP-Link Archer CR-700 - Cross-Site Scripting Exploit Title: TP-Link Archer CR-700 XSS vulnerability Google Dork: N/A Date: 09/07/2016 Exploit Author: Ayushman Dutta Vendor Homepage: http://www.tp-link.us/ Software Link: N/A Version: 1.0.6 REQUIRED Tested on: Linux CVE : N/A Exploit Information:...
QtWeb Browser 3.3 - DoS
No description provided by source. Title: QtWeb Browser version 3.3 Dos based in Xss Software:http://www.qtweb.net/downloads/QtWeb-setup.exe Portable Software:http://www.qtweb.net/downloads/QtWeb.exe Version: 3.3 Tested on: Windows Author: PoisonCode Published: 2010-05-17 CVE-ID: | \ / | | | | | ...
Youku open platform storage type XSS script attack vulnerability success hijacking the background-bug warning-the black bar safety net
In the "Create an application" feature of the Youku open platform, multiple fields store client-submitted variables in the database and output them without safe escaping. http://open.youku.com/app/create ! This can lead directly into the admin backend. Vulnerability...
e107 Persistant XSS vulnerability
Exploit for php platform in category web applications Exploit Title: E107 CMS Persistant XSS vulnerability Google Dork: "intitle:e107 powered website" | inurl:e107admin | ... Date: 18/02/2013 Exploit Author: Zyklon B Vendor Homepage: http://e107.org/ Software Link:...
commute-xss.txt
Aria-Security Title: community Cross-site Scripting (XSS) Proof of Concept: local/path/require/smallhead.php?retun=Xss-script...