EUVD-2020-7786

Malware in sbrugna...

CVE-2024-7354 Ninja Forms 3.8.6-3.8.10 - Reflected XSS

The Ninja Forms WordPress plugin before 3.8.11 does not escape an URL before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2022-31109 HTTP Host Header Attack Vulnerability in laminas-diactoros

laminas-diactoros is a PHP package containing implementations of the PSR-7 HTTP message interfaces and PSR-17 HTTP message factory interfaces. Applications that use Diactoros, and are either not behind a proxy, or can be accessed via untrusted proxies, can potentially have the host, protocol,...

WordPress 3.8.x < 3.8.30 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A cross-site scripting XSS vulnerability in post previews by contributors. - A cross-site scripting XSS vulnerability in stored comments. - An unspecified issue with...

penfieldpost.com XSS vulnerability

Vulnerable URL: http://www.penfieldpost.com/search?text=';";;---- infosec.com.br --;'"...

it.msi.com XSS vulnerability

Vulnerable URL: https://it.msi.com/search/...

fordwingmirror.co.uk XSS vulnerability

Vulnerable URL: http://fordwingmirror.co.uk/tagproducts.php?idtag=%27%22%3E%3Csvg/onload=prompt%28/OPENBUGBOUNTY/%29%3E=en Details: Description| Value ---|--- Patched:| Yes, at 23.11.2017 Latest check for patch:| 23.11.2017 23:19 GMT Vulnerability type:| XSS Vulnerability status:| Publicly...

Wix.com Cross Site Scripting

57 million web pages are affected by a security problem in wix.com Proof of concept of a web page made in wix.com: http://www.itsec.cl/ to see the source code can observe the following: ... Find the SEO content of this site's homepage via http://www.itsec.cl/?escapedfragment= That is where search...