EUVD-2023-51734
Malicious code in bioql PyPI...
CVE-2025-53822 WeGIA vulnerable to Reflected Cross-Site Scripting in endpoint 'relatorio_geracao.php' parameter 'tipo_relatorio'
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the relatorio_geracao.php endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers to...
CVE-2025-43861 ManageWiki Vulnerable to Self-XSS in review dialog via unsanitized field reflection
ManageWiki is a MediaWiki extension allowing users to manage wikis. Prior to commit 2f177dc, ManageWiki is vulnerable to reflected or stored XSS in the review dialog. A logged-in attacker must change a form field to include a malicious payload. If that same user then opens the "Review Changes"...
knitterchat.com Cross Site Scripting vulnerability OBB-3627592
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
WordPress Superfast Mailgun for the Newsletter plugin Plugin < 1.2.4 is vulnerable to Cross Site Scripting (XSS)
Software: Superfast Mailgun for the Newsletter plugin; Type: Plugin; Vulnerable versions: 1.2.4; Fixed in: 1.2.4; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2023-33999; Patch priority: Medium; CVSS severity: Medium (7.1); PSID: 05f4a612540e; Credits: Rafie...
web.burnettcounty.org Cross Site Scripting vulnerability OBB-3126911
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
alierbas.com.tr Cross Site Scripting vulnerability
Security Researcher geeknik (helped patch 8505 vulnerabilities, received 8 Coordinated Disclosure badges, received 20 recommendations), a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting alierbas.com.tr website and its users. Following coordinat...
cdnmed.eluniversal.com Cross Site Scripting vulnerability
Security Researcher g0bl1nsec (helped patch 3621 vulnerabilities, received 4 Coordinated Disclosure badges, received 3 recommendations), a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting cdnmed.eluniversal.com website and its users. Following...
lizandstu.com XSS vulnerability
Vulnerable URL: https://www.lizandstu.com/yelland/browsemedia.php?mediasearch=bug=headstones=Relatives="%20autofocus%20onfocus=alert%60OPENBUGBOUNTY%60%20 Details: Description| Value ---|--- Patched:| Verification in progress Latest check for patch:| 15.01.2018 Vulnerability type:| XSS...
avalancheacademy.com XSS vulnerability
Vulnerable URL: http://www.avalancheacademy.com/product.asp?strParents=%22%3E%3Cscript%3Ealert%22OPENBUGBOUNTY%22%3C/script%3EID=4ID=7 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank...
ssh101.com XSS vulnerability
Vulnerable URL: http://www.ssh101.com/secure/index.php?id="' Details: Description| Value ---|--- Patched:| Yes, at 13.01.2017 Latest check for patch:| 13.01.2017 04:25 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 237578 VIP website status:| No Check ssh101.co...
irkutskmedia.ru XSS vulnerability
Vulnerable URL: http://irkutskmedia.ru/search/?search=" autofocus onfocus="alert/XSSPOSED/ Details: Description| Value ---|--- Patched:| Yes, at 28.07.2017 Latest check for patch:| 28.07.2017 13:56 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 258565 VIP websi...
foxhayescarsales.co.uk XSS vulnerability
Vulnerable URL: http://www.foxhayescarsales.co.uk/email.php?subject=%22%3E%3Csvg/onload=alert/XSSPOSED/%3E Details: Description| Value ---|--- Patched:| Yes, at 28.07.2017 Latest check for patch:| 28.07.2017 13:50 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank|...
hwmaint.cybersecurity.oxfordjournals.org XSS vulnerability
Vulnerable URL:...
pixmania.no XSS vulnerability
Vulnerable URL: https://www.pixmania.no/s?q=" Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 2391647 VIP website status:| No Check pixmania.no SSL connection:| Grade: B Coordinated...
das-meininger-theater.de XSS vulnerability
Vulnerable URL: http://www.das-meininger-theater.de/index.php?m=106"=01spielplan&=1 Details: Description| Value ---|--- Patched:| Yes, at 28.07.2017 Latest check for patch:| 28.07.2017 11:19 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 1529593 VIP website...
gskill.com XSS vulnerability
Vulnerable URL: http://gskill.com/en/rma/submit Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 90652 VIP website status:| No Check gskill.com SSL connection:| Grade: F Coordinated...
sweetandcasual.com XSS vulnerability
Vulnerable URL: http://sweetandcasual.com/?refererNickname=" Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 31544 VIP website status:| Yes Check sweetandcasual.com SSL connection:|...
dpsjobboard.dpsk12.org XSS vulnerability
Vulnerable URL: https://dpsjobboard.dpsk12.org/sso/SSOServlet?locale=%22%3E%3Csvg/onload=prompt%28/OPENBUGBOUNTY/%29%3E Details: Description| Value ---|--- Patched:| Yes, at 27.07.2017 Latest check for patch:| 27.07.2017 09:28 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed...
chinesedomain.cn XSS vulnerability
Vulnerable URL: https://www.chinesedomain.cn/utils/UnSubscribeMe.bml?Name=JUSTXSSS=EstrellaWarBirdsNews=" Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 3240543 VIP website status:...